1 / 17

RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis

RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis. Author: Sung-Ming Yen, Seugjoo Kim, Seongan Lim and Sang-Jae Moon Source: IEEE Transactions on Computers, Vol.52, No.4, pp. 461-472, April 2003 Data: 10/2/2003

lezlie
Download Presentation

RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. RSA Speedup with Chinese Remainder Theorem Immune against Hardware Fault Cryptanalysis Author: Sung-Ming Yen, Seugjoo Kim, Seongan Lim and Sang-Jae Moon Source: IEEE Transactions on Computers, Vol.52, No.4, pp. 461-472, April 2003 Data: 10/2/2003 Speaker: Jui-Yi Kuo

  2. Outline • Motivation • Previous Countermeasures • CRT-1 Protocol & CRT-2 Protocol • Performance • Conclusions

  3. Motivation • Sign by Smart IC card • Computing in finite resource • How to Speedup • How to Immune against Hardware Fault Cryptanalysis

  4. and where CRT(Chinese Remainder Theorem)

  5. RSA notation m : message s : signature for m d : secret key e, n: public key p,q : primes

  6. sig RSA signature m m m send ? S Secret d

  7. The CRT-Based Cryptanalysis

  8. Previous Countermeasures • Performing calculations twice • Applying a verification on the computed result to detect any fault

  9. CRT-1 Protocol

  10. CRT-1 Protocol (Cont.)

  11. CRT-1 Protocol (Example)

  12. CRT-1 Protocol (Example-Cont.)

  13. CRT-2 Protocol

  14. CRT-2 Protocol (Example)

  15. Performance • Step2 of CRT-1 need more time but less resource than Step2 of CRT-2 • Some computation of CRT can be finished earlier

  16. CRT-Based CRT-1 CRT-2 when One of sp and sq is error One of sp and sq is error with er be known One of sp and sq is error with er be known O(1) O(n) O(n) Performance(Complexity) Complexity of that generate p or q

  17. Conclusions • Two novel protocols can speed up the RSA signature or decryption with RNS(residue number system) • Immune against hardware fault cryptanalysis • No need to performing calculations twice and Applying a verification on the computed result to detect any fault

More Related