The Community for Technology Leaders
Green Image
Issue No. 07 - July (2012 vol. 61)
ISSN: 0018-9340
pp: 1040-1049
Kun Ma , University of Illinois at Chicago, Chicago
Han Liang , Trident Microsystems, Inc.
Kaijie Wu , University of Illinois at Chicago, Chicago
Fault-based attacks, which recover secret keys by deliberately introducing fault(s) in cipher implementations and analyzing the faulty outputs, have been proved to be extremely powerful. In this paper, we propose a novel Concurrent Error Detection (CED) scheme to counter fault-based attack against RSA by exploiting its multiplicative homomorphic property. Specifically, the proposed CED scheme verifies if \Pi _{i = 1}^k E(m_i ) \equiv E(\Pi _{i = 1}^k m_i \bmod n) (\bmod n) where E could be either RSA encryption, or decryption, or signature, or verification process. Upon a mismatch, all the ciphertexts will be suppressed. The time overhead is 1/k and k can be used to trade-off the time overhead with memory overhead and output latency. Recognizing that an RSA device could be subject to a combination of several side-channel attacks, the proposed scheme enables an easy divide-and-concur solution—any fine-tuned architecture, for example, a power-attack-resistant architecture, can be equipped with fault-attack resistance easily without disturbing its original resistance. This advantage distinguishes the proposed scheme over the existing countermeasures.
RSA, public-key cipher, concurrent error detection, fault-based attack, side-channel attack, homomorphic property.
Kun Ma, Han Liang, Kaijie Wu, "Homomorphic Property-Based Concurrent Error Detection of RSA: A Countermeasure to Fault Attack", IEEE Transactions on Computers, vol. 61, no. , pp. 1040-1049, July 2012, doi:10.1109/TC.2011.121
89 ms
(Ver 3.1 (10032016))