
CRT RSA Algorithm Protected Against Fault Attacks

Arnaud BOSCHER Spansion EMEA Robert NACIRI Oberthur Card Systems Emmanuel PROUFF Oberthur Card Systems. CRT RSA Algorithm Protected Against Fault Attacks. WISTP - 5/10/07. Agenda. RSA and Physical Attacks Modular Exponentiation Algorithm Resistant against Physical Attacks


Presentation Transcript


  1. CRT RSA Algorithm Protected Against Fault Attacks. Arnaud BOSCHER (Spansion EMEA), Robert NACIRI (Oberthur Card Systems), Emmanuel PROUFF (Oberthur Card Systems). WISTP - 5/10/07

  2. Agenda
     • RSA and Physical Attacks
     • Modular Exponentiation Algorithm Resistant against Physical Attacks
     • CRT RSA Algorithm Resistant against Physical Attacks

  3. RSA and Physical Attacks

  4. RSA Algorithm
     • Public key:
       • Modulus: N
       • Public Exponent: e
     • Private key:
       • Modulus: N = p · q
       • Private Exponent: d = e^{-1} mod (p-1) · (q-1)
     • RSA Signature Generation:
       • S = M^d mod N
     • RSA Signature Verification:
       • Check M = S^e mod N ?

  5. RSA Algorithm Using Chinese Remainder Theorem
     • Private key CRT format:
       • Private Modulus: prime number p
       • Private Modulus: prime number q
       • Private Exponent: dp = e^{-1} mod (p-1)
       • Private Exponent: dq = e^{-1} mod (q-1)
       • Value: A = p^{-1} mod q
     • RSA Signature using CRT:
       • Sp = M^{dp} mod p
       • Sq = M^{dq} mod q
       • S = ((Sq - Sp) · A mod q) · p + Sp

  6. Right-to-Left Modular Exponentiation
     • Input: M, d = (d_{n-1}, ..., d_0)_2, N
     • Output: M^d mod N
     • S ← 1
     • A ← M
     • For i from 0 to n-1 do
       • If d_i = 1 then S ← S · A mod N
       • A ← A^2 mod N
     • Return (S)

  7. Simple Power Analysis
     • Measurement of power consumption when the embedded device executes RSA
     • Modular Multiplication and Modular Square have different power consumptions:
       • 2 consecutive Modular Squares ⇒ d_i = 0
       • Modular Multiplication followed by a Modular Square ⇒ d_i = 1
     • Classical Countermeasure: always perform a Modular Multiplication

  8. Fault Analysis and Differential Fault Analysis
     • Make an external perturbation when the embedded device executes RSA to get an erroneous result
     • DFA on CRT RSA:
       • Sp' = M^{dp} mod p + ε
       • Sq = M^{dq} mod q
       • S' = ((Sq - Sp') · A mod q) · p + Sp'
       • gcd(S'^e mod N - M, N) = q
     • Classical Countermeasures:
       • perform the signature twice
       • check it with the public exponent (if known)

  9. Safe-Errors Attacks
     • Other kind of Fault Attacks
     • Countermeasure against SPA ⇒ weakness w.r.t. Fault Attacks
     • Attack the multiplication:
       • Final result correct ⇒ dummy multiplication ⇒ exponent bit was 0
       • Final result wrong ⇒ real multiplication ⇒ exponent bit was 1
     • Retrieve the whole secret exponent bit by bit
     • Difficult to counteract SPA and FA together

  10. Modular Exponentiation Resistant to Simple Power Analysis and Fault Attacks

  11. SPA-Resistant Modular Exponentiation Algorithm
     • Starting from the SPA-resistant algorithm:
       • Input: M, d = (d_{n-1}, ..., d_0)_2, N
       • Output: M^d mod N
       • S[0] ← 1
       • S[1] ← 1
       • A ← M
       • For i from 0 to n-1 do
         • If d_i = 1 then S[0] ← S[0] · A mod N
         • If d_i = 0 then S[1] ← S[1] · A mod N
         • A ← A^2 mod N
       • Return (S[0])

  12. Observations
     • Loop of the algorithm:
       • For i from 0 to n-1 do
         • If d_i = 1 then S[0] ← S[0] · A mod N
         • If d_i = 0 then S[1] ← S[1] · A mod N
         • A ← A^2 mod N
     • A is independent of the exponent d: A = M^{2^n} mod N
     • S[1] is the result of the modular exponentiation of M by not(d) = 2^n - d - 1: S[1] = M^{2^n - d - 1} mod N
     • At every step, we have the following relation: M · S[0] · S[1] = A mod N

  13. SPA/FA-Resistant Right-to-Left Modular Exponentiation
     • Input: M, d = (d_{n-1}, ..., d_0)_2, N
     • Output: M^d mod N or "Error"
     • S[0] ← 1
     • S[1] ← 1
     • A ← M
     • For i from 0 to n-1 do
       • S[d_i] ← S[d_i] · A mod N
       • A ← A^2 mod N
     • If (M · S[0] · S[1] = A mod N) then
       • Return (S[0])
     • Else
       • Return ("Error")

  14. Algorithm Analysis
     • Cost: 2 modular multiplications compared to the SPA version
     • Resistance against SPA: always a multiplication before a square
     • Security proof against DFA and Safe-Errors Attacks in the following Attacker Model:
       • Can only perform one fault
       • Can make any modification ε on any variable: X' = X + ε

  15. Security Proof
     • Algorithm divided into finite states that correspond to single-step computations: S[0]: 1 → M^{d_0} → M^{d_1·2 + d_0} → … → M^d
     • Fault Attack between two computations in S[0]: 1 → … → M^{(d_{i-1}, …, d_0)_2} → M^{(d_i, …, d_0)_2} + ε → … → M^d + ε'
     • Final result: S'[0] = M^d + ε · (M^{2^i})^{(d_n, …, d_{i+1})_2}
     • Equality doesn't hold: S'[0] · S[1] · M ≠ M^{2^n} if ε ≠ 0
     • Same behavior for S[1]

  16. Security Proof: the A variable case
     • Error on variable A also impacts S[0] and S[1]
     • Error needs to be written in a multiplicative way: A' = A + ε = A · β
     • A' = M^{2^n} · β^{2^{n-i}}
     • S[0] · S[1] · M = M^{2^n} · β^{2^{n-i} - 1}
     • Equality doesn't hold: S[0] · S[1] · M ≠ A' if β ≠ 1, i.e. if ε ≠ 0

  17. CRT RSA Resistant to Fault Attacks

  18. FA-Resistant CRT-RSA
     • Having a DFA-resistant exponentiation is not enough to have a DFA-resistant CRT RSA:
       • the recombination step can be attacked
     • Involve all the variables of the DFA-resistant exponentiation algorithm to protect the recombination
     • SPA/DFA-resistant exponentiation algorithm outputs:
       • (S1, S2, T) ← (M^d, M^{not(d)}, M^{2^n})
     • Perform 3 recombinations and make a final check

  19. FA-Resistant CRT-RSA Signature
     • Input: M, p, q, dp, dq, A, and b the bit-length of p and q
     • Output: S or "Error"
     • (S1p, S2p, Tp) ← (M^{dp} mod p, M^{2^b - dp - 1} mod p, M^{2^b} mod p)
     • (S1q, S2q, Tq) ← (M^{dq} mod q, M^{2^b - dq - 1} mod q, M^{2^b} mod q)
     • S1 ← ((S1q - S1p) · A mod q) · p + S1p
     • S2 ← ((S2q - S2p) · A mod q) · p + S2p
     • T ← ((Tq - Tp) · A mod q) · p + Tp
     • If (M · S1 · S2 = T mod N) then
       • Return (S1)
     • Else
       • Return ("Error")

  20. Correctness of the algorithm
     • Result of the 3 recombinations:
       • S1 = ((S1q - S1p) · A mod q) · p + S1p = M^d mod N
       • S2 = ((S2q - S2p) · A mod q) · p + S2p = M^{2^b - d - 1} mod N
       • T = ((Tq - Tp) · A mod q) · p + Tp = M^{2^b} mod N
     • Equality holds: M · S1 · S2 = T mod N

  21. Algorithm Analysis
     • Cost: 2 additional recombinations
     • Larger memory occupation: an alternative solution with less memory overhead is proposed in the paper
       • detects an error with some probability

  22. Conclusion
     • New modular exponentiation algorithm resistant against SPA/DFA
     • Proof of security in a realistic fault model
     • Suitable for low-cost devices
     • Can be used to construct an SPA/DFA-resistant CRT RSA signature algorithm
     • Can be adapted to compute SPA/DFA-resistant scalar multiplication for elliptic curve cryptography

  23. THANK YOU FOR YOUR ATTENTION

  24. Trademark Attribution
     • Spansion, the Spansion Logo, MirrorBit, HD-SIM, ORNAND, and combinations thereof are trademarks of Spansion LLC. Other names used in this presentation are for informational purposes only and may be trademarks of their respective owners.
