WO2008114315A1 - Embedded device having countermeasure function against fault attack - Google Patents

Embedded device having countermeasure function against fault attack

Info

Publication number
WO2008114315A1
Authority
WO
WIPO (PCT)
Prior art keywords
fault attack
built
countermeasure function
attack countermeasure
montgomery multiplication
Prior art date
Application number
PCT/JP2007/000252
Other languages
English (en)
French (fr)
Inventor
Kazuyoshi Furukawa
Kouichi Itoh
Masahiko Takenaka
Original Assignee
Fujitsu Limited
Priority date
Filing date
Publication date
Application filed by Fujitsu Limited
Priority to EP07736909.8A (EP2138990B1)
Priority to JP2009504908A (JP4894913B2)
Priority to EP13158247.0A (EP2605232B1)
Priority to PCT/JP2007/000252 (WO2008114315A1)
Publication of WO2008114315A1
Priority to US12/560,222 (US8327156B2)

Classifications

    • G PHYSICS
      • G06 COMPUTING; CALCULATING OR COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
            • G06F7/60 Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
              • G06F7/72 ... using residue arithmetic
                • G06F7/723 Modular exponentiation
                • G06F7/728 ... using Montgomery reduction
          • G06F2207/00 Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
            • G06F2207/72 Indexing scheme relating to groups G06F7/72 - G06F7/729
              • G06F2207/7219 Countermeasures against side channel or fault attacks
                • G06F2207/7271 Fault verification, e.g. comparing two values which should be the same, unless a computational fault occurred
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
            • H04L9/002 Countermeasures against attacks on cryptographic mechanisms
              • H04L9/004 Countermeasures against attacks on cryptographic mechanisms for fault attacks
            • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
              • H04L9/3006 ... underlying computational problems or public-key parameters
                • H04L9/302 ... involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
              • H04L9/3066 ... involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computing Systems (AREA)
  • Computational Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Mathematical Physics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Engineering & Computer Science (AREA)
  • Algebra (AREA)
  • Storage Device Security (AREA)
  • Retry When Errors Occur (AREA)

Abstract

A cryptographic processing device comprising: storage means; initial setting means for setting the values to be stored in the storage means; Montgomery modular multiplication means for performing a plurality of Montgomery modular multiplications on the values set by the initial setting means; and fault attack detection means for determining, for each of at least some of the plurality of Montgomery modular multiplications, whether a fault attack has occurred.
PCT/JP2007/000252 2007-03-19 2007-03-19 Embedded device having countermeasure function against fault attack WO2008114315A1 (ja)

Priority Applications (5)

Application Number Priority Date Filing Date Title
EP07736909.8A EP2138990B1 (en) 2007-03-19 2007-03-19 Built-in device with fault attack countermeasure function
JP2009504908A JP4894913B2 (ja) 2007-03-19 2007-03-19 Embedded device having countermeasure function against fault attack
EP13158247.0A EP2605232B1 (en) 2007-03-19 2007-03-19 Embedded device having countermeasure function against fault attack
PCT/JP2007/000252 WO2008114315A1 (ja) 2007-03-19 2007-03-19 Embedded device having countermeasure function against fault attack
US12/560,222 US8327156B2 (en) 2007-03-19 2009-09-15 Embedded device having countermeasure function against fault attack

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2007/000252 WO2008114315A1 (ja) 2007-03-19 2007-03-19 Embedded device having countermeasure function against fault attack

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US12/560,222 Continuation US8327156B2 (en) 2007-03-19 2009-09-15 Embedded device having countermeasure function against fault attack

Publications (1)

Publication Number Publication Date
WO2008114315A1 true WO2008114315A1 (ja) 2008-09-25

Family

ID=39765436

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2007/000252 WO2008114315A1 (ja) 2007-03-19 2007-03-19 Embedded device having countermeasure function against fault attack

Country Status (4)

Country Link
US (1) US8327156B2 (ja)
EP (2) EP2605232B1 (ja)
JP (1) JP4894913B2 (ja)
WO (1) WO2008114315A1 (ja)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102967818A (zh) * 2011-08-31 2013-03-13 Beijing CEC Huada Electronic Design Co., Ltd. A fault detection circuit
JP2017526981A (ja) * 2014-09-10 2017-09-14 Gemalto SA System and method for one-time Chinese remainder theorem exponentiation for cryptographic algorithms
JP2022502901A (ja) * 2018-10-02 2022-01-11 Capital One Services, LLC Systems and methods for cryptographic authentication of contactless cards

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015199675A1 (en) * 2014-06-25 2015-12-30 Umm Al-Qura University System and method for securing scalar multiplication against differential power attacks
WO2015199672A1 (en) * 2014-06-25 2015-12-30 Umm Al-Qura University System and method for securing scalar multiplication against simple power attacks
US9565017B2 (en) * 2014-11-10 2017-02-07 Umm Al-Qura University Method for efficiently protecting elliptic curve cryptography against simple power analysis attacks
EP3242202A1 (en) * 2016-05-04 2017-11-08 Gemalto Sa Countermeasure to safe-error fault injection attacks on cryptographic exponentiation algorithms
FR3087022B1 (fr) * 2018-10-09 2022-04-15 Maxim Integrated Products Cryptographic systems and methods resistant to fault attacks

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005209095A (ja) * 2004-01-26 2005-08-04 Fujitsu Ltd Multiple-precision data multiply-accumulate processing circuit and Montgomery multiply-accumulate modular arithmetic circuit

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6298442B1 (en) * 1998-06-03 2001-10-02 Cryptography Research, Inc. Secure modular exponentiation with leak minimization for smartcards and other cryptosystems
JP2003241659A (ja) * 2002-02-22 2003-08-29 Hitachi Ltd Information processing method
WO2005124578A2 (en) * 2004-06-16 2005-12-29 Discretix Technologies Ltd System, method and apparatus of error detection during a modular operation
US20080104402A1 (en) * 2006-09-28 2008-05-01 Shay Gueron Countermeasure against fault-based attack on RSA signature verification

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
Chiou C.-W. et al., "Concurrent Error Detection in Montgomery Multiplication over GF(2^m)", IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol. E89-A, no. 2, 25 January 2006, pp. 566-574, XP001241570 *
D. Boneh, R. A. DeMillo, R. J. Lipton, "On the importance of checking cryptographic protocols for faults", Advances in Cryptology - EUROCRYPT '97, LNCS vol. 1233, Springer-Verlag, 1997, pp. 37-51
Ingrid Biehl, Bernd Meyer, Volker Müller, "Differential Fault Attacks on Elliptic Curve Cryptosystems", Advances in Cryptology - CRYPTO 2000, LNCS vol. 1880, 2000, pp. 131-146
Mukaida et al., "Designing of High-speed Montgomery Multiply-accumulation remainder circuit", Symposium on Cryptography and Information Security, paper 2A3-2
S. R. Dusse, B. S. Kaliski Jr., "A Cryptographic Library for the Motorola DSP56000", Advances in Cryptology - EUROCRYPT '90, LNCS vol. 473, 1990, pp. 230-244
See also references of EP2138990A4 *

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102967818A (zh) * 2011-08-31 2013-03-13 Beijing CEC Huada Electronic Design Co., Ltd. A fault detection circuit
CN102967818B (zh) * 2011-08-31 2015-07-01 Beijing CEC Huada Electronic Design Co., Ltd. A fault detection circuit
JP2017526981A (ja) * 2014-09-10 2017-09-14 Gemalto SA System and method for one-time Chinese remainder theorem exponentiation for cryptographic algorithms
JP2021144239A (ja) * 2014-09-10 2021-09-24 Thales DIS France SA System and method for one-time Chinese remainder theorem exponentiation for cryptographic algorithms
JP7206324B2 (ja) 2014-09-10 2023-01-17 Thales DIS France SA System and method for one-time Chinese remainder theorem exponentiation for cryptographic algorithms
JP2022502901A (ja) * 2018-10-02 2022-01-11 Capital One Services, LLC Systems and methods for cryptographic authentication of contactless cards
US11924188B2 (en) 2018-10-02 2024-03-05 Capital One Services, Llc Systems and methods for cryptographic authentication of contactless cards

Also Published As

Publication number Publication date
US20100031055A1 (en) 2010-02-04
JPWO2008114315A1 (ja) 2010-06-24
EP2605232A3 (en) 2013-07-03
EP2138990B1 (en) 2013-05-15
EP2605232B1 (en) 2014-07-16
JP4894913B2 (ja) 2012-03-14
EP2605232A2 (en) 2013-06-19
EP2138990A4 (en) 2011-11-09
US8327156B2 (en) 2012-12-04
EP2138990A1 (en) 2009-12-30

Similar Documents

Publication Publication Date Title
WO2008114315A1 (ja) Embedded device having countermeasure function against fault attack
WO2011084214A3 (en) Method and apparatus for performing a shift and exclusive or operation in a single instruction
WO2010147600A3 (en) Qualified command
MY151504A (en) System and method of fraud and misuse detection
WO2012103146A3 (en) Utilizing special purpose elements to implement a fsm
WO2013076596A3 (en) Apparatus and method for providing for scrolling a filtered list
GB201100039D0 (en) Server, user device and malware detection method thereof
GB2521946A (en) Detection of return oriented programming attacks
WO2009077882A3 (en) Behavior tracking with tracking pods
WO2007130354A3 (en) Methods and apparatus providing computer and network security for polymorphic attacks
WO2007009009A3 (en) Systems and methods for identifying sources of malware
WO2008131143A3 (en) Dynamically configurable and re-configurable data path
WO2015013376A3 (en) Systems and methods for self-tuning network intrusion detection and prevention
WO2010019407A3 (en) Integrated development engine for a cloud computing environment
HK1149611A1 (en) Consumer abuse detection system and method
WO2008038196A3 (en) Protecting interfaces on processor architectures
WO2010147857A3 (en) Dependence prediction in a memory system
WO2007148314A3 (en) Secure domain information protection apparatus and methods
WO2009072778A3 (en) Terminal and method for performing function therein
WO2006053084A3 (en) Method and system of pooling storage devices
WO2008083892A3 (en) Code path tracking
WO2010004243A3 (en) Interrupt processing
EP2336889A4 (en) Detection rule generating device, detection rule generating method, and computer program
WO2011119167A3 (en) Associated file
WO2008063647A3 (en) Delaying an operation that reduces a lifetime of memory

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (ref document number: 07736909; country of ref document: EP; kind code of ref document: A1)
WWE Wipo information: entry into national phase (ref document number: 2009504908; country of ref document: JP)
WWE Wipo information: entry into national phase (ref document number: 2007736909; country of ref document: EP)
NENP Non-entry into the national phase (ref country code: DE)