Skip to Main content Skip to Navigation
Conference papers

Modulus Fault Attacks against RSA-CRT Signatures

Eric Brier 1 David Naccache 2, 3 Phong Q. Nguyen 3, 2 Mehdi Tibouchi 2, 3 
2 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique - ENS Paris, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : RSA-CRT fault attacks have been an active research area since their discovery by Boneh, DeMillo and Lipton in 1997. We present alternative key-recovery attacks on RSA-CRT signatures: instead of targeting one of the sub-exponentiations in RSA-CRT, we inject faults into the public modulus before CRT interpolation, which makes a number of countermeasures against Boneh et al.’s attack ineffective. Our attacks are based on orthogonal lattice techniques and are very efficient in practice: depending on the fault model, between 5 to 45 faults suffice to recover the RSA factorization within a few seconds. Our simplest attack requires that the adversary knows the faulty moduli, but more sophisticated variants work even if the moduli are unknown, under reasonable fault models. All our attacks have been fully validated experimentally with fault-injection laser techniques.
Document type :
Conference papers
Complete list of metadata
Contributor : Brigitte Briot Connect in order to contact the contributor
Submitted on : Tuesday, January 27, 2015 - 11:47:44 AM
Last modification on : Thursday, March 17, 2022 - 10:08:37 AM

Links full text




Eric Brier, David Naccache, Phong Q. Nguyen, Mehdi Tibouchi. Modulus Fault Attacks against RSA-CRT Signatures. CHES 2011 - 13th International Workshop Cryptographic Hardware and Embedded Systems, Sep 2011, Nara, Japan. pp.192-206, ⟨10.1007/978-3-642-23951-9_13⟩. ⟨hal-01109981⟩



Record views