CA2278754A1 - Method of using transient faults to verify the security of a cryptosystem - Google Patents
- Publication number
- CA2278754A1
- Authority
- CA
- Canada
- Prior art keywords
- cryptography device
- processor
- cryptography
- determining
- secret information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/004—Countermeasures against attacks on cryptographic mechanisms for fault attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/302—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/26—Testing cryptographic entity, e.g. testing integrity of encryption key or encryption algorithm
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
A useful method for verifying the integrity of a cryptosystem consists of using erroneous outputs to obtain secret information (700). In certain signature schemes based on the Chinese Remainder Theorem, a correct signature of a message and an erroneous signature of the same message allow the modulus to be obtained without difficulty. If the content of the message is known, this type of cryptosystem can be broken with a single erroneous signature of the message. Certain other authorization schemes can be broken by analyzing certain erroneous outputs caused by a particular type of error called a register fault. A security expert or cryptosystem designer can intentionally cause a tamper-resistant device to generate a faulty computation by subjecting the device, such as a credit card, to physical stress, such as certain types of radiation, atypical voltage levels, or a clock rate higher than the one for which the device was designed. Cryptosystems should be impervious to the attacks described above. If they are not, these systems should be modified or eliminated.
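The abstract's requirement that a CRT-based signer be insensitive to faulty computations is commonly met by verifying each signature with the public exponent before it leaves the device. The sketch below is an added example, not code from the patent: the toy primes, the `fault_bit` parameter (a simulated transient bit flip in one CRT half) and all function names are assumptions, and `m` stands for an already padded message representative.

```python
# Added illustration: RSA-CRT signing with a verify-before-release check.
# All parameters are constructed toy values; real keys use primes of 1024+ bits.
P, Q = 1000003, 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ = D % (P - 1), D % (Q - 1)
Q_INV = pow(Q, -1, P)


class FaultDetected(Exception):
    """Raised when a computed signature fails its own verification."""


def crt_sign(m, fault_bit=None):
    """Unprotected RSA-CRT signature of the integer m.

    fault_bit (hypothetical test hook) flips one bit of the mod-P half,
    modelling a transient fault during that half of the computation.
    """
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault_bit is not None:
        sp ^= 1 << fault_bit          # simulated transient fault
    h = (Q_INV * (sp - sq)) % P       # Garner recombination
    return (sq + h * Q) % N


def sign_checked(m, fault_bit=None):
    """Sign, then verify with the public exponent before releasing."""
    s = crt_sign(m, fault_bit)
    if pow(s, E, N) != m % N:
        # Never output a signature that is correct in only one CRT half.
        raise FaultDetected("signature failed self-verification")
    return s


if __name__ == "__main__":
    msg = 123456789                   # constructed message representative
    print("clean signature:", sign_checked(msg))
    try:
        sign_checked(msg, fault_bit=3)
    except FaultDetected as exc:
        print("faulty result withheld:", exc)
```

The check costs one public-key exponentiation per signature, which is small next to the two private half-exponentiations when `E` is short.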
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US3692597P | 1997-02-07 | 1997-02-07 | |
US60/036,925 | 1997-02-07 | ||
PCT/US1998/002086 WO1998035467A1 (fr) | 1997-02-07 | 1998-02-04 | Method of using transient faults to verify the security of a cryptosystem |
Publications (1)
Publication Number | Publication Date |
---|---|
CA2278754A1 (fr) | 1998-08-13 |
Family
ID=21891441
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002278754A Abandoned CA2278754A1 (fr) | Method of using transient faults to verify the security of a cryptosystem | 1997-02-07 | 1998-02-04 |
Country Status (5)
Country | Link |
---|---|
EP (1) | EP0958671A1 (fr) |
JP (1) | JP2000509521A (fr) |
AU (1) | AU6319098A (fr) |
CA (1) | CA2278754A1 (fr) |
WO (1) | WO1998035467A1 (fr) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
AU2002226515A1 (en) * | 2001-12-28 | 2003-09-04 | Gemplus | Method for detection of attacks on cryptographic algorithms by trial and error |
FR2838262B1 (fr) * | 2002-04-08 | 2004-07-30 | Oberthur Card Syst Sa | Method for securing an electronic entity with encrypted access |
WO2008114310A1 (fr) * | 2007-03-16 | 2008-09-25 | Fujitsu Limited | Integration of a device having a countermeasure function against fault-injection ('FA') attacks |
FR3015080B1 (fr) * | 2013-12-17 | 2016-01-22 | Oberthur Technologies | Integrity verification of a cryptographic key pair |
JP6262085B2 (ja) * | 2014-06-25 | 2018-01-17 | Renesas Electronics Corporation | Data processing device and decryption processing method |
JP6724829B2 (ja) * | 2017-03-16 | 2020-07-15 | Denso Corporation | Control device |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5365591A (en) * | 1993-10-29 | 1994-11-15 | Motorola, Inc. | Secure cryptographic logic arrangement |
-
1998
- 1998-02-04 JP JP53484698A patent/JP2000509521A/ja active Pending
- 1998-02-04 EP EP98907364A patent/EP0958671A1/fr not_active Withdrawn
- 1998-02-04 AU AU63190/98A patent/AU6319098A/en not_active Abandoned
- 1998-02-04 WO PCT/US1998/002086 patent/WO1998035467A1/fr not_active Application Discontinuation
- 1998-02-04 CA CA002278754A patent/CA2278754A1/fr not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
AU6319098A (en) | 1998-08-26 |
JP2000509521A (ja) | 2000-07-25 |
EP0958671A1 (fr) | 1999-11-24 |
WO1998035467A1 (fr) | 1998-08-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6965673B1 (en) | Method of using transient faults to verify the security of a cryptosystem | |
Boneh et al. | On the importance of eliminating errors in cryptographic computations | |
Boneh et al. | On the importance of checking cryptographic protocols for faults | |
US10262141B2 (en) | Secure processor with resistance to external monitoring attacks | |
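JP3659178B2 (ja) | Distributed digital signature creation method and apparatus, method and apparatus for creating a digital document with a distributed digital signature, distributed digital signature creation program, and storage medium storing the distributed digital signature creation program | |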
US7506165B2 (en) | Leak-resistant cryptographic payment smartcard | |
EP1076952B1 (fr) | Validite et validation d'une cle privee | |
US8654975B2 (en) | Joint encryption of data | |
CN109818752B (zh) | Credit score generation method, apparatus, computer device and storage medium | |
JP2011530093A (ja) | Solution for protecting encryption by exponentiation | |
Fischer et al. | A public randomness service | |
CA2278754A1 (fr) | Method of using transient faults to verify the security of a cryptosystem | |
US20080002825A1 (en) | Method and a system for a quick verification rabin signature scheme | |
US6976169B1 (en) | Undeniable digital signature scheme based on quadratic field | |
EP1691501B1 (fr) | Procède et appareil cryptographiques résistant aux fuites | |
Duc et al. | DiAE: Re-rolling the DiSE | |
Nikodem | DSA signature scheme immune to the fault cryptanalysis | |
Ravi et al. | Backdooring post-quantum cryptography: Kleptographic attacks on lattice-based KEMs | |
JP2002072873A (ja) | Undeniable signature scheme based on quadratic fields | |
Boneh et al. | Cryptanalysis in the presence of hardware faults | |
Richard et al. | On the Importance of Checking Cryptographic |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
FZDE | Discontinued |