Chosen-message SPA attacks against FPGA-based RSA hardware implementations

Atsushi Miyamoto, Naofumi Homma, Takafumi Aoki, Akashi Satoh

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

17 Citations (Scopus)

Abstract

This paper presents SPA (Simple Power Analysis) attacks against public-key cryptosystems implemented on an FPGA platform. The SPA attack investigates a power waveform generated by a cryptographic module, and reveals a secret key in the module. We focus on chosen-message SPA attacks, which enhance the differences of operating waveforms between multiplication and squaring correlated to the secret key by using the input of particular messages. In particular, Yen showed a unique SPA attack against the RSA cryptosystem, but no verification experiment using actual software or hardware was performed. In this paper, we implemented four types of RSA processors on an FPGA platform in combination with two variants of the Montgomery multiplication algorithm and two different types of multipliers for SPA attack experiments. Then we demonstrated the effectiveness of various chosen-message attacks as well as Yen's method, and investigated the characteristics of the attacks depending on the hardware architectures.

Original language: English
Title of host publication: Proceedings - 2008 International Conference on Field Programmable Logic and Applications, FPL
Pages: 35-40
Number of pages: 6
Publication status: Published - 2008
Event: 2008 International Conference on Field Programmable Logic and Applications, FPL - Heidelberg, Germany
Duration: 2008 Sep 8 to 2008 Sep 10

Publication series

Name: Proceedings - 2008 International Conference on Field Programmable Logic and Applications, FPL

Other

Other: 2008 International Conference on Field Programmable Logic and Applications, FPL
Country/Territory: Germany
City: Heidelberg
Period: 08/9/8 to 08/9/10

ASJC Scopus subject areas

  • Hardware and Architecture
