Easily Overlooked Vulnerability in Implementation: Practical Fault Attack on ECDSA Round Counter.
IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS(2023)
Chinese Acad Sci
Abstract
Elliptic curve cryptographic is a widely used public-key cryptosystem. Though it has good theoretical security, it is still vulnerable to some physical attacks due to the implementation weakness. To resist the attacks, a number of physical countermeasures have been proposed. However, there are still some implementation vulnerabilities that may be overlooked, leading to more practical and effective attacks. In this article, we construct a new fault attack on round counter which is a component of scalar multiplications in ECDSA. The attack is divided into two parts. In the first part, the partial bits of nonce in each signature can be recovered by the fault injection on round counter. In the second part, an efficient lattice attack can be constructed to recover the private key by combining the recovered bits. Compared with other lattice-based fault attacks, our attack has the advantage of practicability and effectiveness. Especially, it has less requirement of moment precision and wide applicability of scalar multiplications, which is the critical factors for practicability and effectiveness. To verify the strength of our attack, we carry on the laser injection experiments, respectively, on an AVR MCU (ATmega163L) and a Kintex-7 FPGA (XC7K325T). The experimental results verify the practicability and effectiveness of the attack in both software and hardware platforms. Finally, we also propose two directions for efficient countermeasures against our attack.
MoreTranslated text
Key words
ECDSA,fault attack,laser injection,lattice,round counter
求助PDF
上传PDF
View via Publisher
AI Read Science
AI Summary
AI Summary is the key point extracted automatically understanding the full text of the paper, including the background, methods, results, conclusions, icons and other key content, so that you can get the outline of the paper at a glance.
Example
Background
Key content
Introduction
Methods
Results
Related work
Fund
Key content
- Pretraining has recently greatly promoted the development of natural language processing (NLP)
- We show that M6 outperforms the baselines in multimodal downstream tasks, and the large M6 with 10 parameters can reach a better performance
- We propose a method called M6 that is able to process information of multiple modalities and perform both single-modal and cross-modal understanding and generation
- The model is scaled to large model with 10 billion parameters with sophisticated deployment, and the 10 -parameter M6-large is the largest pretrained model in Chinese
- Experimental results show that our proposed M6 outperforms the baseline in a number of downstream tasks concerning both single modality and multiple modalities We will continue the pretraining of extremely large models by increasing data to explore the limit of its performance
Upload PDF to Generate Summary
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Data Disclaimer
The page data are from open Internet sources, cooperative publishers and automatic analysis results through AI technology. We do not make any commitments and guarantees for the validity, accuracy, correctness, reliability, completeness and timeliness of the page data. If you have any questions, please contact us by email: report@aminer.cn
Chat Paper
Summary is being generated by the instructions you defined