The Community for Technology Leaders
Green Image
<p><b>Abstract</b>—In order to avoid fault-based attacks on cryptographic security modules (e.g., smart-cards), some authors suggest that the computation results should be checked for faults before being transmitted. In this paper, we describe a potential fault-based attack where key bits leak only through the information whether the device produces a correct answer after a temporary fault or not. This information is available to the adversary even if a check is performed before output.</p>
Cryptography, exponentiation, fault-based cryptanalysis, tamper resistance, interleaved modular multiplication.

S. Yen and M. Joye, "Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis," in IEEE Transactions on Computers, vol. 49, no. , pp. 967-970, 2000.
89 ms
(Ver 3.3 (11022016))