For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Asymmetric Leakage from Multiplier and Collision-Based Single-Shot Side-Channel Attack
Takeshi SUGAWARA Daisuke SUZUKI Minoru SAEKI
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Publication Date: 2016/07/01
Online ISSN: 1745-1337
Type of Manuscript: Special Section PAPER (Special Section on Design Methodologies for System on a Chip)
RSA, side-channel attack, collision attack, Montgomery multiplication,
Full Text: PDF(1.7MB)>>
The single-shot collision attack on RSA proposed by Hanley et al. is studied focusing on the difference between two operands of multiplier. It is shown that how leakage from integer multiplier and long-integer multiplication algorithm can be asymmetric between two operands. The asymmetric leakage is verified with experiments on FPGA and micro-controller platforms. Moreover, we show an experimental result in which success and failure of the attack is determined by the order of operands. Therefore, designing operand order can be a cost-effective countermeasure. Meanwhile we also show a case in which a particular countermeasure becomes ineffective when the asymmetric leakage is considered. In addition to the above main contribution, an extension of the attack by Hanley et al. using the signal-processing technique of Big Mac Attack is presented.