Download Fault Diagnosis and Tolerance in Cryptography: Third by Shay Gueron, Jean-Pierre Seifert (auth.), Luca Breveglieri, PDF

By Shay Gueron, Jean-Pierre Seifert (auth.), Luca Breveglieri, Israel Koren, David Naccache, Jean-Pierre Seifert (eds.)

In fresh years utilized cryptography has constructed significantly to fulfill the - creasing safety necessities of assorted details know-how disciplines, similar to telecommunications, networking, database structures, cellular purposes and others. Cryptosystems are inherently computationally complicated and with a view to fulfill the excessive throughput specifications of many functions, they can be applied through both VLSI units (cryptographic accelerators) or hugely optimized software program exercises (cryptographic libraries) and are used through appropriate (network) protocols. The sophistication of the underlying cryptographic algorithms, the excessive complexity of the implementations, and the simple entry and occasional expense of cryptographic units ended in elevated issues concerning the reliability and defense of crypto-devices. The effectiveness of facet channel assaults on cryptographic units, like timing and power-based assaults, has been identified for a while. numerous fresh investigations have established the necessity to increase methodologies and strategies for designing strong cryptographic platforms (both and software program) to guard them opposed to either unintentional faults and maliciously injected faults with the aim of extracting the key key. This pattern has been quite influenced through the truth that the gear had to perform a profitable facet channel assault according to fault injection is well available at a comparatively cost effective (for instance, laser beam technology), and that the talents had to use it are very common. The id of facet channel assaults according to fault injections and the advance of applicable counter-measures have for that reason turn into an energetic box of clinical and commercial research.

Show description

Read or Download Fault Diagnosis and Tolerance in Cryptography: Third International Workshop, FDTC 2006, Yokohama, Japan, October 10, 2006. Proceedings PDF

Similar cryptography books

Fault Diagnosis and Tolerance in Cryptography: Third International Workshop, FDTC 2006, Yokohama, Japan, October 10, 2006. Proceedings

In recent times utilized cryptography has constructed significantly to fulfill the - creasing protection standards of assorted info expertise disciplines, corresponding to telecommunications, networking, database structures, cellular functions and others. Cryptosystems are inherently computationally complicated and for you to fulfill the excessive throughput specifications of many purposes, they can be applied by way of both VLSI units (cryptographic accelerators) or hugely optimized software program exercises (cryptographic libraries) and are used through compatible (network) protocols.

Additional info for Fault Diagnosis and Tolerance in Cryptography: Third International Workshop, FDTC 2006, Yokohama, Japan, October 10, 2006. Proceedings

Sample text

In the present paper we consider a model where truly random, hence "practical", computation faults are combined with a simple form of timing control. As pointed out Author’s address: Dipartimento di Sistemi e Informatica, Viale Morgagni 65, I–50134 Firenze, Italy. it. Work partially supported by the EU within the FET- GC2 initiative, project SENSORIA, and by University of Firenze, projects "ex-60%". L. Breveglieri et al. ): FDTC 2006, LNCS 4236, pp. 24–35, 2006. c Springer-Verlag Berlin Heidelberg 2006 Attacking Right-to-Left Modular Exponentiation with Timely Random Faults 25 by several works [4,6,15], it is relatively simple to induce random computational errors in smartcards using glitch-based techniques.

Of course, on J = 0 we could have factored the modulus right away. Also note that, in the last column, 44 is the correct value of M d mod n: the squaring in the last but one iteration has no effect on the final result, as dl−1 = 0. Remark 2 (software simulations). In the hypotheses of the corollary above, to obtain an error probability less say, than 2−10, one may have to run the test up to m = 25 times independently. In practice, software simulations have shown that a bit less than 5000 queries (=faulty signatures) are sufficient to recover a RSA-768 key in about 70% of the cases.

1 Sign Change Attack on Qi in Line 4 All of the variables in Lines 3 and 4 can be successfully attacked with a Sign Change Attack (SCA). In the following, we present the attack on the variable Qi in Line 4 during some loop iteration 0 ≤ i ≤ n − 1. The basic idea of our attack algorithm is to recover the bits of k in pieces of 1 ≤ r ≤ m bits. Here, m is chosen to reflect a trade-off between the number of necessary faulty results derived from Fact 2 and the approximate amount 2m of offline work. Throughout this paper, we assume that 2m #E.

Download PDF sample

Rated 4.18 of 5 – based on 47 votes