An optimized cross correlation power attack of message blinding exponentiation algorithms

Wan, Wunan; Yang, Wei; Chen, Jun

doi:10.1109/cc.2015.7122478

Cited by 12 publications

(4 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In additon, the extractors for symmetric ciphers mentioned in this paper require the knowledge of plaintexts. Recently, several high-efficient attacks on asymmetric ciphers like RSA have been presented in [14], [3], [36]. Wan et al in [35] even proposed a cluster CPA against double blinding exponentiation (i.e.…”

Section: Discussionmentioning

confidence: 99%

SNR-Centric Power Trace Extractors for Side-Channel Attacks

Lam

Sun

et al. 2021

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

Existing power trace extractors consider the case where the number of power traces available to the attacker is sufficient to guarantee successful attacks, and the goal of power trace extraction is to extract a small part of traces with high Signal-to-Noise Ratio (SNR) to reduce the complexity of attacks rather than to increase the success rates. Although strict theoretical proofs are given, the existing power trace extractors are too simple and leakage characteristics of Points-Of-Interest (POIs) have not been thoroughly analyzed. They only maximize the variance of data-dependent power consumption component and ignore the noise component, which results in very limited SNR that hampers the performance of extractors. In this paper, we provide a rigorous theoretical analysis of SNR of power traces, and propose a simple yet efficient SNR-centric extractor, named Shortest Distance First (SDF), to extract power traces with the smallest estimated noise by taking advantage of known plaintexts. In addition, to maximize the variance of the exploitable component while minimizing the noise, we refer to the SNR estimation model and propose another novel extractor named Maximizing Estimated SNR First (MESF). Finally, we further propose an advanced extractor called Mean-optimized MESF (MMESF) that exploits the mean power consumption of each plaintext byte value to more accurately and reasonably estimate the data-dependent power consumption of the corresponding samples. Experiments on both simulated power traces and measurements from an ATmega328p micro-controller demonstrate the superiority of our new extractors.

show abstract

Section: Discussionmentioning

confidence: 99%

SNR-Centric Power Trace Extractors for Side-Channel Attacks

Lam

Sun

et al. 2021

IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst.

View full text Add to dashboard Cite

show abstract

“…Akalp et al [31] proposed two correlation attacks on a Montgomery ladder implementation of the RSA algorithm. The cross correlation technique was introduced in Wan et al [32], and the secret exponent with message blinding can be recovered by using this attack.…”

Section: Related Workmentioning

confidence: 99%

Clustering Collision Power Attack on RSA-CRT

Wan¹,

Chen²,

Xia³

et al. 2021

Computer Systems Science and Engineering

Self Cite

View full text Add to dashboard Cite

In this paper, we propose two new attack algorithms on RSA implementations with CRT (Chinese remainder theorem). To improve the attack efficiency considerably, a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs. This attack method is that the key parameters d p and d q are segmented by byte, and the modular multiplication collisions are identified by k-means clustering. The exponents d p and d q were recovered by 12 power traces of six groups of the specific message pairs, and the exponent d was obtained. We also propose a second order clustering collision power analysis attack against RSA implementation with CRT, which applies double blinding exponentiation. To reduce noise and artificial participation, we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions. Thus, we recovered approximately 91% of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.

show abstract

“…Many other resisting techniques appeared in literature [24–28] which used these concepts more efficiently. However, RSA still remained vulnerable to power analysis attacks in [30–33] which challenged most the resisting techniques.…”

Section: Background and Related Workmentioning

confidence: 99%

“…Based on these approaches, many resisting techniques have been designed [19–29]. However, the advancements in DPA and CPA have again questioned the strength of these resisting techniques [30–33].…”

Section: Introductionmentioning

confidence: 99%