检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:陈财森[1] 王韬[1] 寇应展[1] 张金中[1]
机构地区:[1]军械工程学院计算机工程系,石家庄050003
出 处:《计算机科学》2011年第10期68-71,共4页Computer Science
基 金:国家自然科学基金(60772082);河北省自然科学基金(08M010)资助
摘 要:原有的基于模幂运算故障的RSA-CRT故障攻击算法,因添加了错误检验操作而失效。为寻找新的故障攻击方法,以Shamir防御算法为攻击分析对象,对CRT组合运算步骤产生故障的情况进行分析,建立了基于CRT组合运算故障的攻击模型,提出了能够完整推算出RSA密钥的故障攻击算法。进行了推导论证和实验仿真,结果表明原有防御措施并不能有效地抵御故障攻击,新的攻击算法具有良好的可行性,在算法复杂度上,对固定故障值仅需2个注入故障,对随机故障给出优化的密钥空间搜索方案。最后分析了原有防御算法的问题,同时给出相应的防御建议。The former fault analysis can not attack on RSA-CRT with corresponding countermeasure.In order to find the new vulnerability to fault analysis,this paper took Shamir countermeasure as the analyzed object.An attack model based on fault in CRT combination operation was advanced,and gave a differential fault analysis algorithm that can completely recover the RSA key.The fact that the previous countermeasures can not effectively resist the differential fault analysis was demonstrated,and the complexity of our attack was estimated both by a theoretical analysis and software simulations.Experiment results show that the new fault analysis algorithm has well feasibility;it only requires two fault injections for permanent fault,and an improved scheme of key searching for random fault is advanced.Finally,a corresponding advice on countermeasure to differential fault analysis was given by analyzing the problem of previous countermeasures.
关 键 词:旁路攻击 故障分析 中国剩余定理 RSA密码算法
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.218.65.88