A new style CPA attack on the ML implementation of RSA

“…RSA was also implemented using the Montgomery power ladder (ML) multiplication [16, 17]. With RSA implemented in ML, two multiplications remained independent and two shared the same operand.…”

“…The works of Kuzu et al . [16, 17] and Jia and Xie [18] showed how easily they could discover the mode of RSA implementation as well as decryption key from fewer traces using CPA.…”

“…DPA attacks had been very successful in challenging the security of private key cryptosystems like Data Encryption Standard (DES), Advanced Encryption Standard (AES) and so on [3–6] and public key cryptosystems like Rivest‐Shamir‐Adleman (RSA), Diffie Hellman, Elliptic Curve Cryptography (ECC) [7–13]. Correlation power analysis (CPA), which was an extension to DPA, used techniques like Pearson's correlation analysis, mutual information analysis and so on after conventional DPA steps to provide more efficient results even with fewer number of power traces [14–17]. CPA had significantly contributed in power analysis research.…”

“…The RSA cryptosystem which could provide both security and authentication has been one of the most prominent public key cryptosystems. However, it had also been vulnerable to DPA [8–13] and CPA [15–18]. One way to resist such attack was to randomise the variations in instantaneous power consumption, another way was to completely hide these variations from attackers.…”

Securing RSA against power analysis attacks through non‐uniform exponent partitioning with randomisation

“…RSA was also implemented using the Montgomery power ladder (ML) multiplication [16, 17]. With RSA implemented in ML, two multiplications remained independent and two shared the same operand.…”

“…The works of Kuzu et al . [16, 17] and Jia and Xie [18] showed how easily they could discover the mode of RSA implementation as well as decryption key from fewer traces using CPA.…”

“…DPA attacks had been very successful in challenging the security of private key cryptosystems like Data Encryption Standard (DES), Advanced Encryption Standard (AES) and so on [3–6] and public key cryptosystems like Rivest‐Shamir‐Adleman (RSA), Diffie Hellman, Elliptic Curve Cryptography (ECC) [7–13]. Correlation power analysis (CPA), which was an extension to DPA, used techniques like Pearson's correlation analysis, mutual information analysis and so on after conventional DPA steps to provide more efficient results even with fewer number of power traces [14–17]. CPA had significantly contributed in power analysis research.…”

“…The RSA cryptosystem which could provide both security and authentication has been one of the most prominent public key cryptosystems. However, it had also been vulnerable to DPA [8–13] and CPA [15–18]. One way to resist such attack was to randomise the variations in instantaneous power consumption, another way was to completely hide these variations from attackers.…”

Securing RSA against power analysis attacks through non‐uniform exponent partitioning with randomisation

Comparative Modular Exponentiation with Randomized Exponent to Resist Power Analysis Attacks

A CPA attack against cryptographic hardware implementation on SASEBO-GII