A multi-directional signature method for preventing side-channel attacks

A multi-directional technique against side-channel attacks, applied in the field of information security, that addresses problems such as inconsistent Hamming weights, susceptibility to attack, and the inability to defend.

Active Publication Date: 2019-06-18
BEIJING HONGSI ELECTRONICS TECH

AI Technical Summary

Problems solved by technology

However, none of the solutions can protect against all the attack methods proposed above.
Moreover, with recent improvements in attack tools and attack methods, earlier schemes similar to the Montgomery ladder are easily attacked by SPA because their implementations contain jumps, and they are also easily attacked if the Hamming weights of the operands are inconsistent.


Examples


Embodiment 1

[0031] A multi-directional signature method and scheme for preventing side-channel attacks. An ordinary RSA key is divided into a public key and a private key, where e and N form the RSA public key and d and N form the RSA private key.

[0032] The ordinary RSA signature is computed as $\mathrm{Sign}(M) = M^{d} \bmod N$, where M is the digest to be signed, supplied by the user; N and d form the private key, and N is the modulus.

[0033] Based on basic modular exponentiation and a check of the modular exponentiation, the multi-directional signature scheme for preventing side-channel attacks is as follows:

[0034] (RSA signature) Sign(M, e, d, N);

[0035] Generate a random number trng1 and calculate z1 = trng1*(e*d-1) - d;

[0036] Generate a random number trng and calculate ($S_0$, $S_1$) = EXP(trng, z1, N); if it returns 1, output $S_0$ and $S_1$ and continue to step 3; otherwise return 0 directly without outputting any result;

[0037] Generate a random number trng2 and calculate z2 = trng2*(e*d-1) + d;

[0038] Calculate maskM = M*trng mod N;

[0039] Calcula...
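The arithmetic behind steps [0035] to [0038], as an added Python example that is not code from the patent: because e*d-1 is a multiple of the group order, z1 acts as the exponent -d and z2 as +d, so the random base cancels out. The step list on this page is cut off after [0038], so the internals of `exp_pair` (standing in for EXP), its consistency check and the final unmasking multiplication are assumptions, and the key is a constructed toy key.

```python
import math
import secrets

# Constructed toy key (two Mersenne primes): illustration only, not a real key.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))        # e*d = 1 (mod phi(N))
T = D.bit_length()                        # t: bit length of d

def exp_pair(base, z, n):
    """Assumed EXP: returns (ok, S0, S1), S1 = base^z, S0 = base^(~z) mod n."""
    bitlen = z.bit_length()
    s = [1, 1]                            # S0, S1
    a = base % n                          # A
    for i in range(bitlen):
        bit = (z >> i) & 1
        s[bit] = s[bit] * a % n           # one multiply per bit, no if/else on it
        a = a * a % n
    # z + ~z = 2^bitlen - 1, so S0*S1*base must equal base^(2^bitlen) = A.
    ok = int(s[0] * s[1] * base % n == a)
    return ok, s[0], s[1]

def sign(m, e=E, d=D, n=N):
    k = e * d - 1                         # multiple of the group order
    trng1 = secrets.randbits(T) | 1
    z1 = trng1 * k - d                    # behaves as exponent -d
    while True:                           # the masking base must be invertible
        trng = secrets.randbelow(n - 2) + 2
        if math.gcd(trng, n) == 1:
            break
    ok, _, s1 = exp_pair(trng, z1, n)     # s1 = trng^(-d) mod n
    if not ok:
        return 0                          # check failed: output nothing
    trng2 = secrets.randbits(T) | 1
    z2 = trng2 * k + d                    # behaves as exponent +d
    mask_m = m * trng % n                 # maskM = M*trng mod N
    ok, _, t1 = exp_pair(mask_m, z2, n)   # assumed step: (M*trng)^d mod n
    if not ok:
        return 0
    return t1 * s1 % n                    # assumed unmasking: M^d mod n
```

Python big-integer arithmetic is not constant-time, so this shows only the algebra of the masking and the complementary-exponent check, not a hardened implementation.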

Embodiment 2

[0061] Input the RSA modulus N and the message M. The private key element d has length t; the public key element e has length 32, or a length less than or equal to the number of bits of N. Ensure that M is less than N.

[0062] Generate a random number trng1 with a length of t bits. Multiply it successively by the public key element e and the private key element d, subtract the currently used random number trng1 from the result, then subtract the private key element d to obtain the data z1.

[0063] Generate a random number trng2 with a length of t bits. Taking this value as the base and the data z1 obtained in step 2 as the exponent (its bit length is bitlen bits), perform the following operations:

[0064] a. Allocate three spaces of t bits each, $S_0$, $S_1$ and A, and assign them: $S_0 = S_1 = 1$, A = trng2

[0065] b. For i from 0 to bitlen, perform the following process:

[0066] ① Obtain the current bit value of z1

...


Abstract

The invention discloses a multi-directional signature method for preventing side-channel attacks. The method is characterized in that: the base is masked, using the technique it contains or a similar technique, to obtain an RSA signature or a signature of another public-key system; two modular exponentiation results are obtained at the same time, whose exponents are radix-minus-one complements of each other; when the modular exponentiation is implemented, a verification technique is used to prevent erroneous data from being output; and the modular exponentiation algorithm uses no jump statements, with the operands or the result data having equal Hamming weight during the operation. The method effectively protects the steps of the RSA STD operation that are known to be easy to attack. The modular exponentiation it provides can be fully applied to the RSA CRT operation, and the modular exponentiation algorithm with complementary exponents can likewise be transplanted to the point multiplication of SM2. The check of whether the modular exponentiation has been attacked can be transplanted to the SM2 point multiplication in the same way.

Description

Technical field

[0001] The invention relates to the field of information security, in particular to a multi-directional signature method for preventing side-channel attacks.

Background technique

[0002] The RSA public key encryption algorithm is a relatively mainstream public key cryptography technology in the field of information security. Various Keys and smart cards based on RSA have been widely used in fields such as finance, communication, social security, and transportation. Traditional attacks on RSA are mainly based on mathematical algorithms for factoring large numbers into primes. In recent years, side-channel attacks have developed rapidly, and new attack methods keep emerging.

[0003] In the past, the protection of RSA signatures mainly considered SPA, DPA, CPA, the doubling attack and the fault attack. To prevent these attacks, existing schemes generally mask the exponent and the base when calculating the modular exponentiati...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/32, H04L9/00
CPC: H04L9/002, H04L9/003, H04L9/3249
Inventor: 王亚伟, 王磊, 张文婧, 雷艳
Owner: BEIJING HONGSI ELECTRONICS TECH