Open AccessPractical Second‐Order Correlation Power Analysis on the Message Blinding Method and Its Novel Countermeasure for RSA
Author(s) -
Kim HeeSeok,
Kim Tae Hyun,
Yoon Joong Chul,
Hong Seokhie
Publication year - 2010
Publication title -
etri journal
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.295
H-Index - 46
eISSN - 2233-7326
pISSN - 1225-6463
DOI - 10.4218/etrij.10.0109.0249
Subject(s) - power analysis , cryptosystem , computer science , blinding , countermeasure , binary number , cryptography , power (physics) , algorithm , computer security , mathematics , arithmetic , engineering , randomized controlled trial , aerospace engineering , medicine , physics , surgery , quantum mechanics
Recently power attacks on RSA cryptosystems have been widely investigated, and various countermeasures have been proposed. One of the most efficient and secure countermeasures is the message blinding method, which includes the RSA derivative of the binary‐with‐random‐initial‐point algorithm on elliptical curve cryptosystems. It is known to be secure against first‐order differential power analysis (DPA); however, it is susceptible to second‐order DPA. Although second‐order DPA gives some solutions for defeating message blinding methods, this kind of attack still has the practical difficulty of how to find the points of interest, that is, the exact moments when intermediate values are being manipulated. In this paper, we propose a practical second‐order correlation power analysis (SOCPA). Our attack can easily find points of interest in a power trace and find the private key with a small number of power traces. We also propose an efficient countermeasure which is secure against the proposed SOCPA as well as existing power attacks.