Protecting CRT RSA against Fault and Power Side Channel Attacks

A. Fournaris, O. Koufopavlou
2012 IEEE Computer Society Annual Symposium on VLSI, published 2012-08-19. DOI: 10.1109/ISVLSI.2012.54 (https://doi.org/10.1109/ISVLSI.2012.54)
Citations: 17

Abstract

The RSA cryptographic algorithm is a security tool that has achieved long cryptographic and market maturity. However, after the discovery and wide spread of Side Channel Attacks (SCA), RSA implementations are susceptible to a variety of different attacks that target the hardware structure rather than the algorithm itself. While there is a wide range of countermeasures that can be applied on the RSA structure in order to protect the algorithm from specific SCA categories, combining several such measures to produce an "all in one" SCA resistant RSA structure is not an easy endeavor. Several incompatibility issues between combined SCA protection methods lead to new SCA vulnerabilities. In this paper, we evaluate some very popular and potent SCAs against RSA, like Fault attacks (FA), Simple Power attacks (SPA), Doubling attacks (DA) and Differential Power attacks (DPA), and propose an SCA protection scheme for RSA based on Chinese Remainder Theorem (CRT) that can thwart them. The proposed scheme uses a square and always multiply approach in combination with the message blinding technique in such a way that possible vulnerabilities that may arise from this combination can no longer apply. The proposed scheme is evaluated against specific SCAs and is found to be very secure. From a performance point of view, the proposed scheme favors parallelism and can calculate an RSA result with a small time delay.