Download presentation

Presentation is loading. Please wait.

Published byMartin Keetch Modified over 2 years ago

1
CRT RSA Algorithm Protected Against Fault Attacks WISTP - 5/10/07 Arnaud BOSCHER Spansion EMEA Robert NACIRI Oberthur Card Systems Emmanuel PROUFF Oberthur Card Systems

2
2 © 2007 Spansion Inc. Agenda RSA and Physical Attacks Modular Exponentiation Algorithm Resistant against Physical Attacks CRT RSA Algorithm Resistant against Physical Attacks

3
3 © 2007 Spansion Inc. RSA and Physical Attacks

4
4 © 2007 Spansion Inc. RSA Algorithm Public key: – Modulus: N – Public Exponent: e Private key: – Modulus: N = p. q – Private Exponent: d = e -1 mod (p-1). (q-1) RSA Signature Generation: – S = M d mod N RSA Signature Verification: – Check M = S e mod N ?

5
5 © 2007 Spansion Inc. RSA Algorithm Using Chinese Remainder Theorem Private key CRT format: – Private Modulus: prime number p – Private Modulus: prime number q – Private Exponent: d p = e -1 mod p-1 – Private Exponent: d q = e -1 mod q-1 – Value : A = p -1 mod q RSA Signature using CRT: – S p = M d p mod p – S q = M d q mod q – S = ((S q - S p ). A mod q). p + S p

6
6 © 2007 Spansion Inc. Right-to-Left Modular Exponentation Input: M, d = (d n−1,..., d 0 ) 2, N Output: M d mod N S ← 1 A ← M For i from 0 to n − 1 do – If d i = 1 then S ← S. A mod N – A ← A 2 mod N Return (S)

7
7 © 2007 Spansion Inc. Simple Power Analysis Measurement of power consumption when the embedded device executes RSA Modular Multiplication and Modular Square with different power consumptions: – 2 consecutive Modular Squares d i = 0 – Modular Multiplication followed by a Modular Square d i = 1 Classical Countermeasure: always perform a Modular Multiplication

8
8 © 2007 Spansion Inc. Fault Analysis and Differential Fault Analysis Make external perturbation when the embedded device executes RSA to get an erroneous result DFA on CRT RSA: – S p ’ = M d p mod p + ε – S q = M d q mod q – S’ = ((S q - S p ’). A mod q). p + S p ’ –Gcd(S’ e mod N - M, N) = q Classical Countermeasures: – perform twice the signature – check it with the public exponent (if known)

9
9 © 2007 Spansion Inc. Safe-Errors Attacks Other kind of Fault Attacks Countermeasure against SPA weakness w.r.t Fault Attacks Attack the multiplication : – Final result correct dummy multiplication exponent bit was 0 – Final result wrong real multiplication exponent bit was 1 Retrieve the whole secret exponent bit by bit Difficult to counteract SPA and FA together

10
10 © 2007 Spansion Inc. Modular Exponentiation Resistant to Simple Power Analysis and Fault Attacks

11
11 © 2007 Spansion Inc. SPA-Resistant Modular Exponentiation Algorithm Starting from the SPA-resistant algorithm: Input: M, d = (d n−1,..., d 0 ) 2, N Output: M d mod N S[0] ← 1 S[1] ← 1 A ← M For i from 0 to n − 1 do – If d i = 1 then S[0] ← S[0]. A mod N – If d i = 0 then S[1] ← S[1] · A mod N – A ← A 2 mod N Return (S[0])

12
12 © 2007 Spansion Inc. Observations Loop of the algorithm: – For i from 0 to n − 1 do If d i = 1 then S[0] ← S[0].A mod N If d i = 0 then S[1] ← S[1].A mod N A ← A 2 mod N A is independent of the exponent d : A = M 2 n mod N S[1] is the result of the modular exponentiation of M by not(d) = 2 n -d-1 : S[1] = M 2 n -d-1 mod N At every step, we have the following relation: M. S[0]. S[1] = A mod N

13
13 © 2007 Spansion Inc. SPA/FA-Resistant Right-to-Left Modular Exponentiation Input: M, d = (d n−1,..., d 0 ) 2,N Output: M d mod N or ”Error” S[0] ← 1 S[1] ← 1 A ← M For i from 0 to n − 1 do – S[d i ] ← S[d i ] · A mod N – A ← A 2 mod N If (M. S[0]. S[1] = A mod N) then Return (S[0]) Else Return (”Error”)

14
14 © 2007 Spansion Inc. Algorithm Analysis Cost : 2 modular multiplications compared to the SPA version Resistance against SPA: always a multiplication before a square. Security proof against DFA and Safe-Errors Attacks in the following Attacker Model : – Can only perform one fault – Can make any modification ε on any variable X’ = X + ε

15
15 © 2007 Spansion Inc. Security Proof Algorithm divided in finite states that corresponds to single steps computation: S[0]: 1 M d 0 M d 1.2+d 0 … M d Fault Attack between two computations in S[0]: 1 … M (d i-1, …, d 0 ) 2 M (d i, …, d 0 ) 2 + ε … M d + ε’ Final result : S’[0] = M d + ε. (M 2 i ) (d n, …, d i+1 ) 2 Equality doesn’t hold: S’[0]. S[1]. M ≠ M 2 n if ε ≠ 0 Same behavior for S[1]

16
16 © 2007 Spansion Inc. Security Proof: the A variable case Error on variable A also impacts S[0] and S[1] Error needs to be written in a multiplicative way: A’ = A + ε = A. β A’ = M 2 n. β 2 n-i S[0]. S[1]. M = M 2 n. β 2 n-i-1 Equality doesn’t hold: S[0]. S[1]. M ≠ A’ if β ≠ 1, i.e. if ε ≠ 0

17
17 © 2007 Spansion Inc. CRT RSA Resistant to Fault Attacks

18
18 © 2007 Spansion Inc. FA-Resistant CRT-RSA Having a DFA-resistant exponentiation is not enough to have a DFA-resistant CRT RSA: – recombination step can be attacked Involve all the variables of the DFA-resistant exponentiation algorithm to protect the recombination SPA/DFA-resistant exponentiation algorithm outputs: – (S1, S2, T) ← (M d, M not(d), M 2 n ) Perform 3 recombinations and make final check

19
19 © 2007 Spansion Inc. FA-Resistant CRT-RSA Signature Input: M, p, q, d p, d q, A, and b the bit-length of p and q Output: S or ”Error” (S1 p, S2 p, T p ) ← (M d p mod p, M 2 b −d p −1 mod p, M 2 b mod p) (S1 q, S2 q, T q ) ← (M d q mod q, M 2 b −d q −1 mod q, M 2 b mod q) S1 ← ((S1 q − S1 p ) · A mod q) · p + S1 p S2 ← ((S2 q − S2 p ) · A mod q) · p + S2 p T ← ((T q − T p ) · A mod q) · p + T p If (M · S1 · S2 = T mod N) then Return (S1) Else Return (”Error”)

20
20 © 2007 Spansion Inc. Correctness of the algorithm Result of the 3 recombinations: S1 = ((S1 q − S1 p ) · A mod q) · p + S1 p = M d mod N S2 = ((S2 q − S2 p ) · A mod q) · p + S2 p = M 2 b -d-1 mod N T = ((T q − T p ) · A mod q) · p + T p = M 2 b mod N Equality holds: M · S1 · S2 = T mod N

21
21 © 2007 Spansion Inc. Algorithm Analysis Cost: 2 additional recombinations Memory occupation larger : alternative solution with less memory overhead proposed in the paper – detects an error with some probability

22
22 © 2007 Spansion Inc. Conclusion New modular exponentiation algorithm resistant against SPA/DFA Proof of security in a realistic fault model Suitable for low cost devices Can be used to construct SPA/DFA-resistant CRT RSA signature algorithm Can be adapted to compute SPA/DFA-resistant scalar multiplication for elliptic curve cryptography

23
23 © 2007 Spansion Inc. THANK YOU FOR YOUR ATTENTION

25
25 © 2007 Spansion Inc. Trademark Attribution Spansion, the Spansion Logo, MirrorBit, HD-SIM, ORNAND, and combinations thereof are trademarks of Spansion LLC. Other names used in this presentation are for informational purposes only and may be trademarks of their respective owners.

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google