New method and system for selecting plaintext combined attack by CRT-RSA

A chosen-plaintext technique for CRT-RSA, applied in the field of CRT-RSA chosen-plaintext joint attacks, that addresses the lack of existing methods combining multi-point information leakage.

Active Publication Date: 2018-11-16
CHENGDU UNIV OF INFORMATION TECH

AI Technical Summary

Problems solved by technology

[0016] According to the literature review, there is currently no side-channel attack method that indirectly attacks the CRT-RSA key parameters d_p and d_q and then deduces the primes p and q. There is also no chosen-plaintext side-channel attack method that combines multi-point information leakage and uses the secondarily processed power-consumption difference of the chosen plaintexts as the classification data set.

Examples


Embodiment Construction

[0100] In order to make the object, technical solution and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit it.

[0101] At present, side-channel attack methods against the CRT-RSA algorithm focus on directly attacking the leakage of power-consumption information related to the primes p and q. Corresponding defense methods already exist for these side-channel attacks, so p and q cannot be attacked effectively.

[0102] The present invention will be further described below in conjunction with specific embodiments.

[0103] As shown in Figure 1, the new CRT-RSA chosen-plaintext joint attack method provided by the embodiment of the present invention comprises:

[0104] (1) Calculate n groups of specific plaintext pairs (M, M'):...


Abstract

The invention belongs to the field of information security, and discloses a new method and system for a chosen-plaintext joint attack on CRT-RSA. The attack takes d_p and d_q of the CRT-RSA algorithm as its targets and then derives the private key parameters p and q. During the plaintext collision attack, multiple sets of plaintext pairs are selected and superimposed, and the difference in modular-multiplication power consumption is subjected to secondary processing to form the collision classification set. The attack also combines other information leakage in the CRT-RSA modular exponentiation process (such as the exponent Hamming-weight information leaked by data-access power consumption) to segment the modular-multiplication power trace, and the chosen-plaintext collision attack is carried out segment by segment. This avoids local collision attack errors and improves the attack accuracy. Finally, the private key parameters p and q are derived, and the private key d is restored.
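The abstract's last step, deriving p, q and d once d_p is known, rests on the identity e·d_p ≡ 1 (mod p−1), which is why d_p and d_q need the same side-channel protection as p and q. The following is an added example, not code from the patent; the function name and the small textbook key (p = 61, q = 53, e = 17) are constructed for illustration.

```python
def factor_from_crt_exponent(n, e, dp):
    """Recover (p, q, d) from the public key (n, e) and one CRT exponent.

    Because e*dp = 1 (mod p-1) and dp < p-1, we have
        e*dp - 1 = k*(p-1)   for some integer 1 <= k < e,
    so at most e-1 candidates for p need to be checked against n.
    Returns None when dp is not a valid CRT exponent for this key.
    """
    t = e * dp - 1
    for k in range(1, e):
        if t % k:
            continue                  # k must divide e*dp - 1 exactly
        p = t // k + 1                # candidate prime factor
        if 1 < p < n and n % p == 0:
            q = n // p
            d = pow(e, -1, (p - 1) * (q - 1))   # full private exponent
            return p, q, d
    return None


# Constructed sample key (textbook-sized, not a real key).
P, Q, E = 61, 53, 17
N = P * Q                              # 3233
D = pow(E, -1, (P - 1) * (Q - 1))      # 2753
DP = D % (P - 1)                       # 53
DQ = D % (Q - 1)                       # 49

if __name__ == "__main__":
    # Either CRT exponent alone is enough to rebuild the whole private key.
    print(factor_from_crt_exponent(N, E, DP))   # (61, 53, 2753)
    print(factor_from_crt_exponent(N, E, DQ))   # (53, 61, 2753)
    # A value that is not a CRT exponent of this key yields no factor.
    print(factor_from_crt_exponent(N, E, 52))   # None
```

With the common public exponent e = 65537 the loop runs at most 65536 times regardless of key size, so implementations must treat the exponentiations with d_p and d_q as secret-dependent operations in their own right.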

Description

Technical field

[0001] The invention belongs to the field of information security, and in particular relates to a new method and system for a CRT-RSA chosen-plaintext joint attack.

Background technique

[0002] At present, the existing technologies commonly used in the industry are as follows:

[0003] Most smart cards use the RSA cryptographic algorithm to implement digital signature authentication, but even the fastest RSA encryption is 100 times slower than DES; whether implemented in software or hardware, speed has always been RSA's weakness. In 1982, two Belgian scholars (Quisquater & Couvreur) proposed a variant of RSA based on the Chinese Remainder Theorem (CRT). The variant reduces the storage space of the table and the execution time of multiplication in the algorithm, so CRT-RSA is widely used in smart cards and embedded devices.

[0004] In the standard RSA encryption algorithm, the RSA modulus N is the product of two lar...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/32, H04L9/30, H04L9/00
CPC: H04L9/002, H04L9/003, H04L9/302, H04L9/3249
Inventor: 万武南, 陈俊
Owner: CHENGDU UNIV OF INFORMATION TECH