Collision-based power analysis of modular exponentiation using chosen-message pairs

Naofumi Homma, Atsushi Miyamoto, Takafumi Aoki, Akashi Satoh, Adi Shamir

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

41 Citations (Scopus)


This paper proposes new chosen-message power-analysis attacks against public-key cryptosystems based on modular exponentiation, which use specific input pairs to generate collisions between squaring operations at different locations in the two power traces. Unlike previous attacks of this kind, the new attacks can be applied to all the standard implementations of the exponentiation process: binary (left-to-right and right-to-left), m-ary, and sliding window methods. The SPA countermeasure of inserting dummy multiplications can also be defeated (in some cases) by using the proposed attacks. The effectiveness of the attacks is demonstrated by actual experiments with hardware and software implementations of RSA on an FPGA and the PowerPC processor, respectively. In addition to the new collision generation methods, a high-accuracy waveform matching technique is introduced to detect the collisions even when the recorded signals are noisy and the clock has some jitter.

Original language: English
Title of host publication: Cryptographic Hardware and Embedded Systems - CHES 2008 - 10th International Workshop, Proceedings
Number of pages: 15
Publication status: Published - 2008
Event: 10th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2008 - Washington, D.C., United States
Duration: 2008 Aug 10 to 2008 Aug 13

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 5154 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349


Other: 10th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2008
Country/Territory: United States
City: Washington, D.C.


  • Modular exponentiation
  • Power-analysis attacks
  • RSA
  • Side-channel attacks
  • Waveform matching

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)
