错误注入攻击及一种CRT-RSA幂算法的改进

Proceedings of the 2019 9th International Conference on Communication and Network Security Pub Date : 2019-11-15 DOI:10.1145/3371676.3371699

Fanyu Kong, Guoqiang Yang, Huiyi Liu, Y. Jiang, Chengyu Hu, Dashui Zhou

{"title":"错误注入攻击及一种CRT-RSA幂算法的改进","authors":"Fanyu Kong, Guoqiang Yang, Huiyi Liu, Y. Jiang, Chengyu Hu, Dashui Zhou","doi":"10.1145/3371676.3371699","DOIUrl":null,"url":null,"abstract":"RSA cryptosystem is a widely-used public-key cryptographic algorithm in TLS/SSL and IPSec protocols. Fault-injection attack has a powerful threat on the CRT-based implementation of RSA cryptosystem. In 2016, Y. Choi et al. proposed a new right-to-left square-always exponentiation algorithm and a test-based CRT-RSA exponentiation algorithm to defeat the fault-injection attack. In this paper, we propose a fault-injection attack on Y. Choi et al.'s test-based CRT-RSA exponentiation algorithm. By inducing a permanent fault in the computation process of CRT-RSA cryptosystem, the attacker can obtain a faulty RSA signature and then recover the RSA private key. Furthermore, we give an improved CRT-RSA exponentiation algorithm to fix the security flaw. The security analysis shows that the improved algorithm can resist the fault-injection attack.","PeriodicalId":352443,"journal":{"name":"Proceedings of the 2019 9th International Conference on Communication and Network Security","volume":"75 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Fault-injection Attack and Improvement of a CRT-RSA Exponentiation Algorithm\",\"authors\":\"Fanyu Kong, Guoqiang Yang, Huiyi Liu, Y. Jiang, Chengyu Hu, Dashui Zhou\",\"doi\":\"10.1145/3371676.3371699\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"RSA cryptosystem is a widely-used public-key cryptographic algorithm in TLS/SSL and IPSec protocols. Fault-injection attack has a powerful threat on the CRT-based implementation of RSA cryptosystem. In 2016, Y. Choi et al. proposed a new right-to-left square-always exponentiation algorithm and a test-based CRT-RSA exponentiation algorithm to defeat the fault-injection attack. In this paper, we propose a fault-injection attack on Y. Choi et al.'s test-based CRT-RSA exponentiation algorithm. By inducing a permanent fault in the computation process of CRT-RSA cryptosystem, the attacker can obtain a faulty RSA signature and then recover the RSA private key. Furthermore, we give an improved CRT-RSA exponentiation algorithm to fix the security flaw. The security analysis shows that the improved algorithm can resist the fault-injection attack.\",\"PeriodicalId\":352443,\"journal\":{\"name\":\"Proceedings of the 2019 9th International Conference on Communication and Network Security\",\"volume\":\"75 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-11-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2019 9th International Conference on Communication and Network Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3371676.3371699\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2019 9th International Conference on Communication and Network Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3371676.3371699","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

RSA密码系统是TLS/SSL和IPSec协议中广泛使用的公钥加密算法。故障注入攻击对基于crt的RSA密码系统的实现具有很大的威胁。2016年，Y. Choi等人提出了一种新的从右到左总是平方的求幂算法和一种基于测试的CRT-RSA求幂算法来挫败故障注入攻击。在本文中，我们提出了一种针对Y. Choi等人基于测试的CRT-RSA幂算法的故障注入攻击。攻击者通过在CRT-RSA密码系统的计算过程中诱导永久故障，获得错误的RSA签名，然后恢复RSA私钥。在此基础上，我们提出了一种改进的CRT-RSA求幂算法来弥补安全漏洞。安全性分析表明，改进算法能够抵抗故障注入攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Fault-injection Attack and Improvement of a CRT-RSA Exponentiation Algorithm

RSA cryptosystem is a widely-used public-key cryptographic algorithm in TLS/SSL and IPSec protocols. Fault-injection attack has a powerful threat on the CRT-based implementation of RSA cryptosystem. In 2016, Y. Choi et al. proposed a new right-to-left square-always exponentiation algorithm and a test-based CRT-RSA exponentiation algorithm to defeat the fault-injection attack. In this paper, we propose a fault-injection attack on Y. Choi et al.'s test-based CRT-RSA exponentiation algorithm. By inducing a permanent fault in the computation process of CRT-RSA cryptosystem, the attacker can obtain a faulty RSA signature and then recover the RSA private key. Furthermore, we give an improved CRT-RSA exponentiation algorithm to fix the security flaw. The security analysis shows that the improved algorithm can resist the fault-injection attack.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 2019 9th International Conference on Communication and Network Security

自引率

0.00%

发文量