http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
An Improved Square-always Exponentiation Resistant to Side-channel Attacks on RSA Implementation
Choi, Yongje,Choi, Dooho,Lee, Hoonjae,Ha, Jaecheol AUTOSOFT PRESS 2016 INTELLIGENT AUTOMATION AND SOFT COMPUTING Vol.22 No.3
<P>Many cryptographic algorithms embedded in security devices have been used to strengthen homeland defense capability and protect critical information from cyber attacks. The RSA cryptosystem with the naive implementation of an exponentiation may reveal a secret key by two types of side-channel attacks, namely passive leakage information analysis and active fault injection attacks. Recently, a square-always exponentiation algorithm in which the multiplication is traded for squarings has been proposed. This novel algorithm for RSA implementation is faster than other regularity-based countermeasures and is resistant to SPA (simple power analysis) and fault injection attacks. This paper shows that the right-to-left version of square-always exponentiation algorithm is vulnerable to several side-channel attacks, namely collision distance-based doubling, chosen-message CPA (collision power analysis), and horizontal CPA-based combined attacks. Furthermore, an improved right-to-left square-always algorithm adopting the additive message blinding method and the intermediate message update technique is proposed to defeat previous and proposed side-channel attacks. The proposed exponentiation algorithm can be employed for secure CRT-RSA (RSA based on the Chinese remainder theorem) implementation resistant to the Bellcore attack. The paper presents some experimental results for the proposed power analysis attacks using an evaluation board.</P>
최용제(Yongje Choi),김호원(Howon Kim),류재철(Jaecheol Ryou) 대한전자공학회 2007 대한전자공학회 학술대회 Vol.2007 No.11
In this paper, we implemented low power AES hardware and applied it to a passive RFID tag¹. If initial value and key are inputted, the crypto module generates key bit streams for data encryption without any control. And we can tradeoff between the operation time and its security strength through changing round value. It is synthesized with SAMSUNG 0.25㎛ CMOS technology and has a hardware size of 7k gates.