Cryptography Reference
In-Depth Information
Fig. 18.11
Power consumption and result of C safe-error attack against LR binary using dummy
operations
When we inject faults into the RSA calculation, we shift the timing of the fault
injection that consists of a continuous clock of 60 cycles with the glitch. We try to
retrieve the exponent bit of the secret key, for the RSA modules with the dummy
operation using the C safe error attack. As an example, Fig. 18.11 shows the power
consumption and the result of the C safe-error attack against the left to right binary
method with dummy operations. The points in this figure show the error occurrence
in the output. In this figure, we cannot recognize which operation is the dummy from
the power consumption. However, by executing the C safe-error attack, we can easily
find that the calculation with no error is a dummy operation, and the exponent bits
can be obtained by examining whether or not the output is correct. In the same way,
we also succeed in retrieving the private key from other RSA modules with dummy
operations.
Search WWH ::




Custom Search