|Title:||A novel fault attack against ECDSA|
|Internal authors:||BARENGHI, ALESSANDRO|
|Publication date:||2011|
|Abstract:||A novel fault attack against ECDSA is proposed in this work. It allows the retrieval of the secret signing key by means of injecting faults during the computation of the signature primitive. The proposed method relies on faults injected during a multiplication employed to perform the signature recombination at the end of the ECDSA signing algorithm. Exploiting the faulty signatures, it is possible to reduce the size of the group of the discrete logarithm problem warranting the security margin up to a point where it is computationally treatable. The amount of faulty signatures requested to perform the attack is relatively small, ranging from 4 to a few tenths. The key retrieval can be applied to any key length, like those standardised by NIST, including the ones mandated for top secret documents by NSA suite B. The required post-processing of the obtained faulty values is practical on a common consumer-grade desktop. The procedure does not rely on any particular structure of the employed curve and may easily be extended to the regular DSA based on modular arithmetic.|
|Appears in types:||04.1 Contribution in conference proceedings|
Files in this product:
|05955015.pdf||Main article||283.12 kB||Adobe PDF||Publisher's PDF||Restricted access|
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.