Paper 2013/447

Dynamic Runtime Methods to Enhance Private Key Blinding

Karine Gandolfi-Villegas and Nabil Hamzi

Abstract

In this paper we propose new methods to blind the exponents used in RSA and in elliptic-curve-based algorithms. Since classical differential power analysis (DPA and CPA) appeared, many countermeasures to protect exponents have been proposed, starting in 1999 with Kocher [20] and Coron [13]. However, these blinding methods have drawbacks in execution time and memory cost, and they also have weaknesses: they can be targeted by attacks such as the carry leakage on the randomized exponent proposed by P.A. Fouque et al. in [23], and they are ineffective against other analyses such as Simple Power Analysis. In this article, we explain how the most widely used method can be exploited when an attacker has access to test samples. We then present new dynamic blinding methods that prevent any learning phase and also improve resistance against the latest published side-channel analyses.
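As an added illustration (not code from the paper, whose dynamic methods are not described on this page), the following Python shows the classical additive exponent blinding attributed to Coron [13], which is assumed here to be the "most used method" the abstract refers to: the private exponent d is replaced on every call by d' = d + r·φ(N) for a fresh random r, which leaves the result unchanged but randomizes the bit pattern the exponentiation processes. The demo key is constructed from two small, publicly known Mersenne primes so the arithmetic can be checked offline; the functions and parameter names are the author's own choices, not the paper's. The block also makes the cost the abstract mentions visible: the blinded exponent is longer than d by roughly the bit length of r, so each exponentiation does that many extra square-and-multiply steps.

```python
import secrets

# Constructed demo RSA key built from two known Mersenne primes
# (2^61 - 1 and 2^89 - 1). Far too small for real use; chosen only so the
# arithmetic below is checkable offline. 65537 is coprime to phi(N) here.
P = 2**61 - 1
Q = 2**89 - 1
N = P * Q
PHI_N = (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI_N)  # private exponent (modular inverse, Python >= 3.8)


def blind_exponent(d, group_order, r_bits=64):
    """Classical additive blinding: d' = d + r * order for a fresh random r.

    For RSA, order = phi(N): m^phi(N) == 1 (mod N) for m coprime to N, and
    by the CRT the identity m^(d') == m^(d) (mod N) in fact holds for every
    m, so the blinded exponent yields exactly the same signature. For ECC the
    same function applies with the curve's group order as `group_order`.
    Returns (d', r); production code would discard r immediately.
    """
    r = secrets.randbits(r_bits) | 1  # force r != 0 so d' never equals d
    return d + r * group_order, r


def rsa_sign_blinded(m, d=D, n=N, phi_n=PHI_N):
    """Raise m to the private exponent using a freshly blinded exponent."""
    d_blind, _r = blind_exponent(d, phi_n)
    return pow(m, d_blind, n)


def rsa_verify(sig, m, e=E, n=N):
    """Standard public-key check; the blinding is invisible to the verifier."""
    return pow(sig, e, n) == m % n


def blinding_overhead_bits(d=D, phi_n=PHI_N, r_bits=64):
    """Extra exponent bits (hence extra exponentiation steps) the blinding costs."""
    d_blind, _r = blind_exponent(d, phi_n, r_bits)
    return d_blind.bit_length() - d.bit_length()


if __name__ == "__main__":
    msg = 123456789
    sig = rsa_sign_blinded(msg)
    print("verifies:", rsa_verify(sig, msg))
    print("same as unblinded:", sig == pow(msg, D, N))
    d1, _ = blind_exponent(D, PHI_N)
    d2, _ = blind_exponent(D, PHI_N)
    print("two calls give different exponents:", d1 != d2)
    print("overhead in bits:", blinding_overhead_bits())
```

Two properties are worth reading off the code: the verifier never learns that blinding was used, and every call exposes a different exponent bit string, which is what defeats a straightforward DPA/CPA on the exponent. The overhead function shows the price, a longer exponent on every operation, which is the execution-time cost the abstract refers to.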

Metadata

Available format(s): PDF
Category: Implementation
Publication info: Published elsewhere. Unknown where it was published
Keywords: Reverse engineering, exponent blinding, side channel attacks, RSA, ECC
Contact author(s): nabil hamzi @ gemalto com
History: 2013-07-22: received
Short URL: https://ia.cr/2013/447
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2013/447,
      author = {Karine Gandolfi-Villegas and Nabil Hamzi},
      title = {Dynamic Runtime Methods to Enhance Private Key Blinding},
      howpublished = {Cryptology ePrint Archive, Paper 2013/447},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/447}},
      url = {https://eprint.iacr.org/2013/447}
}