Abstract
The security of the modular exponentiation algorithm, the core operation of public key cryptography, is an important research topic. Since the first timing attack was published in 1996, attackers have been able to exploit the time differences between specific events to recover a secret key. In 2016, Dugardin exploited extra reductions to attack a regular exponentiation algorithm, showing that the fixed-window method combined with Montgomery's algorithm is not entirely protected. The central thesis of this paper is that there is a positive correlation between the extra reductions of the pre-computation and those of the post-computation when the two calculations share the same multiplier factor. In this article, we present an attack method based on this dependency and confirm its feasibility and effectiveness through simulation experiments. The experimental results verify that the method can effectively attack the modular exponentiation algorithm.
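The dependency the abstract describes can be reproduced in simulation. The following is an added example, not the paper's code: a Montgomery product that reports whether its final conditional subtraction (the extra reduction) ran, and a measurement of the correlation between the extra-reduction flags of two products that share a multiplier versus two that do not. The modulus 2^64 - 59 and the sample counts are constructed for the illustration.

```python
import random

# Constructed example modulus: the odd 64-bit value 2**64 - 59, with R = 2**64.
K = 64
R = 1 << K
N = R - 59
N_NEG_INV = (-pow(N, -1, R)) % R  # -N^-1 mod R, the usual Montgomery constant

def mont_mul(a, b):
    """Montgomery product a*b*R^-1 mod N for 0 <= a, b < N.

    Returns (result, extra), where `extra` records whether the final
    conditional subtraction (the 'extra reduction') was executed. That
    data-dependent branch is what a timing side channel observes."""
    t = a * b
    m = (t * N_NEG_INV) % R
    u = (t + m * N) >> K          # exact division by R by construction
    extra = u >= N
    if extra:
        u -= N
    return u, extra

def pearson(xs, ys):
    """Pearson correlation of two equal-length sequences of 0/1 flags."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / (vx * vy) ** 0.5

def extra_reduction_correlation(samples=20000, shared_multiplier=True, seed=1):
    """Correlation between the extra-reduction flags of two Montgomery
    products. With shared_multiplier=True both products use the same
    factor c, as a pre-computation step and a later main-loop step do;
    otherwise each draws its own factor, which gives the baseline."""
    rng = random.Random(seed)
    f1, f2 = [], []
    for _ in range(samples):
        a, b = rng.randrange(N), rng.randrange(N)
        c1 = rng.randrange(N)
        c2 = c1 if shared_multiplier else rng.randrange(N)
        f1.append(int(mont_mul(a, c1)[1]))
        f2.append(int(mont_mul(b, c2)[1]))
    return pearson(f1, f2)

if __name__ == "__main__":
    print("shared multiplier:", round(extra_reduction_correlation(shared_multiplier=True), 3))
    print("independent      :", round(extra_reduction_correlation(shared_multiplier=False), 3))
```

The shared-multiplier case yields a clearly positive correlation (about 0.1 for this modulus) while the independent case stays near zero, because the probability of an extra reduction grows with the fixed factor's magnitude. An implementation removes the signal by performing the subtraction unconditionally and selecting the result with a mask, so no data-dependent branch remains.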