Fault attack to the elliptic curve digital signature algorithm with multiple bit faults

BARENGHI, ALESSANDRO;BREVEGLIERI, LUCA ODDONE;PELOSI, GERARDO
2011-01-01

Abstract

In a fault attack, errors are induced during the computation of a cryptographic primitive, and the faulty results are collected to derive information about the secret key stored into the device in a non-readable way. We introduce a new fault model and attack methodology to recover the secret key employed in implementations of the Elliptic Curve Digital Signature Algorithm. Our attack exploits the information leakage induced when altering the execution of the modular arithmetic operations used in the signature primitive and does not rely on the properties of the underlying elliptic curve mathematical structure, thus being applicable to curves defined on both prime fields and binary fields. The attack is easily reproducible with low-cost fault injection technologies relying on transient errors placed within a single datapath width of the target architecture.
2011
in Proceedings of The 4th International Conference on Security of Information and Networks
9781450310208
INF; security; cryptography; side channel attack; fault injection attack; digital signature; ECDSA; countermeasure
Files in this item:
File: p63-barenghi.pdf
Restricted access
Description: main article
Publisher’s version
Size: 745.24 kB
Format: Adobe PDF

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11311/613726
Citations
  • Scopus 5