Abstract
Since the introduction of side-channel attacks in the nineties, RSA implementations have been a privileged target. A wide variety of countermeasures have been proposed and most of practical attacks are nowadays efficiently defeated by them. However, in a recent work published at ICICS 2010, Clavier et al.have pointed out that almost all the existing countermeasures were ineffective if the attacks are performed with a modus operandi called Horizontal. Such attacks, originally introduced by Colin Walter at CHES 2001, involve a single observation trace contrary to the classical attacks where several ones are required. To defeat Horizontal attacks, the authors of the ICICS paper have proposed a set of new countermeasures. In this paper, we introduce a general framework enabling to model both Horizontal and classical attacks (called Vertical) in a simple way. This framework enables to enlighten the similarities and the differences of those attack types. From this formalism, we show that even if Clavier et al.’s countermeasures thwart existing attacks, they do not fully solve the leakage issue. Actually, flaws are exhibited in this paper and efficient attacks are devised. We eventually propose a new countermeasure.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Batina, L., Gierlichs, B., Prouff, E., Rivain, M., Standaert, F.-X., Veyrat-Charvillon, N.: Mutual Information Analysis: a Comprehensive Study. J. Cryptology 24(2), 269–291 (2011)
Bauer, A., Jaulmes, É., Prouff, E., Wild, J.: Horizontal and Vertical Side-Channel Attacks Against Secure RSA Implementations – Extended Version. To appear on the Cryptology ePrint Archive (2013)
Brier, E., Clavier, C., Olivier, F.: Correlation Power Analysis with a Leakage Model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)
Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)
Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal Correlation Analysis on Exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46–61. Springer, Heidelberg (2010)
Coron, J.-S.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 725–725. Springer, Heidelberg (1999)
Coron, J.-S.: A New DPA Countermeasure Based on Permutation Tables. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 278–292. Springer, Heidelberg (2008)
Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic Analysis: Concrete Results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)
Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual Information Analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008)
Goubin, L., Patarin, J.: DES and Differential Power Analysis – The Duplication Method. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 158–172. Springer, Heidelberg (1999)
Joye, M., Yen, S.-M.: The Montgomery Powering Ladder. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Heidelberg (2003)
Knuth, D.E.: The Art of Computer Programming, Volume III: Sorting and Searching. Addison-Wesley (1973)
Koc, C.K.: Cryptographic Engineering. Springer (2008)
Kocher, P.C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Kocher, P.C., Jaffe, J., Jun, B., Rohatgi, P.: Introduction to Differential Power Analysis. J. Cryptographic Engineering 1(1), 5–27 (1998)
Messerges, T.S.: Using Second-Order Power Analysis to Attack DPA Resistant Software. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 238–251. Springer, Heidelberg (2000)
Prouff, E., Rivain, M., Bevan, R.: Statistical Analysis of Second-Order Differential Power Analysis. IEEE Trans. Computers 58(6), 799–811 (2009)
Quisquater, J.-J., Samylde, D.: A new Tool for non-Intrusive Analysis of Smart Cards based on Electro-Magnetic Emissions, the SEMA and DEMA Methods. Presented at the rump Session of Eurocrypt (2000)
Walter, C.D.: Sliding Windows Succumbs to Big Mac Attack. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 286–299. Springer, Heidelberg (2001)
Yen, S.-M., Joye, M.: Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis. IEEE Transactions on Computers 49(9), 967–970 (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bauer, A., Jaulmes, E., Prouff, E., Wild, J. (2013). Horizontal and Vertical Side-Channel Attacks against Secure RSA Implementations. In: Dawson, E. (eds) Topics in Cryptology – CT-RSA 2013. CT-RSA 2013. Lecture Notes in Computer Science, vol 7779. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-36095-4_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-36095-4_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-36094-7
Online ISBN: 978-3-642-36095-4
eBook Packages: Computer ScienceComputer Science (R0)