WO2008114310A1 - Incorporating device having fault attack countermeasure function - Google Patents
Incorporating device having fault attack countermeasure function
- Publication number
- WO2008114310A1, PCT/JP2007/000240, JP2007000240W
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- mod
- random number
- countermeasure function
- fault attack
- attack countermeasure
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/302—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/004—Countermeasures against attacks on cryptographic mechanisms for fault attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
An encrypting device that performs RSA decryption using the Chinese remainder theorem (CRT). RSA decryption is expressed as c^d (mod n), where c is the ciphertext, n is the modulus, and d is the secret key; the modulus is n = p×q, where p and q are prime numbers. The encrypting device comprises random number generating means for generating a random number r, and decryption path selecting means that, at the step of calculating the plaintext after the modular exponentiations with moduli p and q, selects according to the random number r either a calculation method using u = p^(-1) (mod q) or a calculation method using v = q^(-1) (mod p).
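The two recombination paths named in the abstract, as an added illustration that is not code from the patent: both paths rebuild the same plaintext from the half-size exponentiations, and a random bit picks which one runs. The function names, the key layout, the toy Mersenne primes and the use of a single random bit as r are assumptions; the patent's exact selection rule is not given on this page.

```python
import secrets

def make_key(p, q, e=65537):
    """Build a CRT-RSA private key (p, q are constructed toy primes)."""
    d = pow(e, -1, (p - 1) * (q - 1))
    return {
        "p": p, "q": q, "n": p * q, "e": e, "d": d,
        "dp": d % (p - 1), "dq": d % (q - 1),
        "u": pow(p, -1, q),  # u = p^(-1) mod q
        "v": pow(q, -1, p),  # v = q^(-1) mod p
    }

def recombine_u(mp, mq, key):
    """Path using u: m = mp + p * ((mq - mp) * u mod q)."""
    return mp + key["p"] * (((mq - mp) * key["u"]) % key["q"])

def recombine_v(mp, mq, key):
    """Path using v: m = mq + q * ((mp - mq) * v mod p)."""
    return mq + key["q"] * (((mp - mq) * key["v"]) % key["p"])

def crt_decrypt(c, key, r=None):
    """Return (plaintext, path bit). r is the random number selecting the path."""
    if r is None:
        r = secrets.randbits(1)  # assumption: one fresh random bit per decryption
    # Modular exponentiations with moduli p and q
    mp = pow(c % key["p"], key["dp"], key["p"])
    mq = pow(c % key["q"], key["dq"], key["q"])
    # Plaintext calculation step: the path depends on r
    if r & 1:
        return recombine_u(mp, mq, key), 1
    return recombine_v(mp, mq, key), 0

if __name__ == "__main__":
    # Constructed toy key: 2^61 - 1 and 2^89 - 1 are primes, far too small
    # and too structured for real use.
    key = make_key(2**61 - 1, 2**89 - 1)
    m = 0x1234567890ABCDEF
    c = pow(m, key["e"], key["n"])
    for _ in range(4):
        out, path = crt_decrypt(c, key)
        print("path", "u" if path else "v", "->", hex(out))
```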
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2007/000240 WO2008114310A1 (en) | 2007-03-16 | 2007-03-16 | Incorporating device having fault attack countermeasure function |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2007/000240 WO2008114310A1 (en) | 2007-03-16 | 2007-03-16 | Incorporating device having fault attack countermeasure function |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2008114310A1 (en) | 2008-09-25 |
Family
ID=39765431
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2007/000240 WO2008114310A1 (en) | 2007-03-16 | 2007-03-16 | Incorporating device having fault attack countermeasure function |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2008114310A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2016009114A (en) * | 2014-06-25 | 2016-01-18 | ルネサスエレクトロニクス株式会社 | Data processing device and decoding method |
US9571281B2 (en) | 2014-02-03 | 2017-02-14 | Samsung Electronics Co., Ltd. | CRT-RSA encryption method and apparatus |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5991415A (en) * | 1997-05-12 | 1999-11-23 | Yeda Research And Development Co. Ltd. At The Weizmann Institute Of Science | Method and apparatus for protecting public key schemes from timing and fault attacks |
JP2000509521A (en) * | 1997-02-07 | 2000-07-25 | テルコーディア テクノロジーズ インコーポレイテッド | How to use transient failures to verify the security of a cryptographic system |
JP2003241659A (en) * | 2002-02-22 | 2003-08-29 | Hitachi Ltd | Information processing method |
-
2007
- 2007-03-16 WO PCT/JP2007/000240 patent/WO2008114310A1/en active Application Filing
Non-Patent Citations (7)
Title |
---|
AUMUELLER C. ET AL.: "Fault Attacks on RSA with CRT: Concrete Results and Practical Countermeasures", LECTURE NOTES IN COMPUTER SCIENCE, vol. 2523, 2002, pages 260 - 275, XP003023279 * |
BLOEMER J. ET AL.: "Wagner's Attack on a Secure CRT-RSA Algorithm Reconsidered", LECTURE NOTES IN COMPUTER SCIENCE, vol. 4236, 2006, pages 13 - 23, XP019045564 * |
GIRAUD C.: "An RSA Implementation Resistant to Fault Attacks and to Simple Power Analysis", IEEE TRANSACTIONS ON COMPUTERS, vol. 55, no. 9, September 2005 (2005-09-01), pages 1116 - 1120, XP002460785 * |
KIM C.K.: "A CRT-Based RSA Countermeasures Against Physical Cryptanalysis", LECTURE NOTES IN COMPUTER SCIENCE, vol. 3726, 2005, pages 549 - 554, XP019019614 * |
LIU S. ET AL.: "A CRT-RSA Algorithm Secure against Hardware Fault Attacks", PROCEEDINGS OF THE 2ND IEEE INTERNATIONAL SYMPOSIUM ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, September 2006 (2006-09-01), pages 51 - 60, XP031030589 * |
YEN S.-M. ET AL.: "Hardware Fault Attack on RSA with CRT Revisited", LECTURE NOTES IN COMPUTER SCIENCE, vol. 2587, 2003, pages 374 - 388, XP001160549 * |
YEN S.-M. ET AL.: "RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis", IEEE TRANSACTIONS ON COMPUTERS, vol. 52, no. 4, April 2003 (2003-04-01), pages 461 - 472, XP001095863 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP2001324925A5 (en) | ||
WO2010105915A3 (en) | Method for providing a cryptic pair of keys | |
WO2007027241A3 (en) | Multi-key cryptographically generated address | |
MY146687A (en) | Cryptographic key generation | |
CN101346691A (en) | Cryptographic method comprising a modular exponentiation secured against hidden-channel attacks, cryptoprocessor for implementing the method and associated chip card | |
WO2007113697A3 (en) | Secure decryption method | |
WO2005099150A3 (en) | Public key cryptographic methods and systems | |
WO2008080800A3 (en) | Securing communication | |
WO2008005789A3 (en) | Secure escrow and recovery of media device content keys | |
US7248700B2 (en) | Device and method for calculating a result of a modular exponentiation | |
WO2008042175A3 (en) | Key wrapping system and method using encryption | |
WO2009056679A3 (en) | End-to-end encrypted communication | |
Zhang et al. | Differential fault analysis on SMS4 | |
JP2015521003A5 (en) | ||
WO2008013587A3 (en) | Supporting multiple key ladders using a common private key set | |
CN103067164A (en) | Anti-attack method for electronic components using RSA public key encryption algorithm | |
AU2002221940A1 (en) | Method and device for detecting a key pair and for generating rsa keys | |
WO2008114310A1 (en) | Incorporating device having fault attack countermeasure function | |
WO2007020564A3 (en) | Circuit arrangement and method for rsa key generation | |
WO2008036919A3 (en) | System and method for rotating data in a crypto system | |
WO2010057194A3 (en) | Storage security using cryptographic splitting | |
CN104717213A (en) | Encryption and decryption method and system for network data transmission | |
JP2005195829A5 (en) | ||
JP2004246350A (en) | Enciphering device, deciphering device, enciphering system equipped with the same, enciphering method, and deciphering method | |
WO2009004590A3 (en) | Method, apparatus, system and computer program for key parameter provisioning |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 07736897; Country of ref document: EP; Kind code of ref document: A1 |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 07736897; Country of ref document: EP; Kind code of ref document: A1 |
 | NENP | Non-entry into the national phase | Ref country code: JP |