The message blinding method is the most efficient and secure countermeasure against first-order differential power analysis(DPA).Although cross correlation attacks(CCAs) were given for defeating message blinding metho...The message blinding method is the most efficient and secure countermeasure against first-order differential power analysis(DPA).Although cross correlation attacks(CCAs) were given for defeating message blinding methods,however searching for correlation points is difficult for noise,misalignment in practical environment.In this paper,we propose an optimized cross correlation power attack for message blinding exponentiation algorithms.The attack method can select the more correlative power points of share one operation in the modular multiplication by comparing variances between correlation coefficients.Further we demonstrate that the attack method is more efficient in experiments with hardware implementation of RSA on a crypto chip card.In addition to the proposed CCA method can recovery all 1024 bits secret key and recognition rate increases to 100%even when the recorded signals are noisy.展开更多
In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introd...In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs.This attack method is that the key parameters dp and dq are segmented by byte,and the modular multiplication collisions are identified by k-means clustering.The exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs,and the exponent d was obtained.We also propose a second order clustering collision power analysis attack against RSA implementation with CRT,which applies double blinding exponentiation.To reduce noise and artificial participation,we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions.Thus,we recovered approximately 91%of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.展开更多
基金supported in part by National Natural Science Foundation of China Project(Grant No.60873216) Scientific and Technological Research Priority Projects of Sichuan Province(Grant No. 2012GZ0017)
文摘The message blinding method is the most efficient and secure countermeasure against first-order differential power analysis(DPA).Although cross correlation attacks(CCAs) were given for defeating message blinding methods,however searching for correlation points is difficult for noise,misalignment in practical environment.In this paper,we propose an optimized cross correlation power attack for message blinding exponentiation algorithms.The attack method can select the more correlative power points of share one operation in the modular multiplication by comparing variances between correlation coefficients.Further we demonstrate that the attack method is more efficient in experiments with hardware implementation of RSA on a crypto chip card.In addition to the proposed CCA method can recovery all 1024 bits secret key and recognition rate increases to 100%even when the recorded signals are noisy.
基金supported by the National Key R&D Program of China(No.2017YFB0802300)the Key Research and Development Project of Sichuan Province(No.2020YFG0307,No.2018TJPT0012)the Key Research and Development Project of Chengdu(No.2019-YF05-02028-GX).
文摘In this paper,we propose two new attack algorithms on RSA implementations with CRT(Chinese remainder theorem).To improve the attack efficiency considerably,a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs.This attack method is that the key parameters dp and dq are segmented by byte,and the modular multiplication collisions are identified by k-means clustering.The exponents dp and dq were recovered by 12 power traces of six groups of the specific message pairs,and the exponent d was obtained.We also propose a second order clustering collision power analysis attack against RSA implementation with CRT,which applies double blinding exponentiation.To reduce noise and artificial participation,we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions.Thus,we recovered approximately 91%of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.
