Modular exponentiation is the primary operation in most asymmetric cryptosystems. However, for the large exponents that serve as encryption and decryption keys, the conventional way of computing a modular exponentiation is very time consuming. Hence, binary methods based on bit-wise "squaring-multiplication" operations are more widely used. These approaches, however, are vulnerable to side-channel attacks, especially timing and power analysis attacks, and so they are improved so that such attacks can be mitigated.
Two processes have been designed based on the "Multiply-Always" binary method, which injects dummy multiplications so that the original multiplications remain intact. The two processes are invoked based on a random variable that generates either 0 or 1. With this randomized modular exponentiation, the proposed approach can resist simple and differential power analysis attacks to a large extent. The proposed approach has been implemented using the conventional "squaring-multiplication" and "Montgomery-Ladder" methods. Further, the work has also been extended to CRT-RSA, which is widely used for fast computation. The analysis has been done for key sizes of 1024-bit, 1536-bit and 2048-bit RSA and CRT-RSA.
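The abstract contrasts the plain "squaring-multiplication" method with the multiply-always and Montgomery-ladder variants. The following added example (written for this page, not code from the book or its author) implements all three with an operation trace, so the difference an SPA adversary sees can be compared directly: the plain method's S/M sequence is a transcript of the exponent, while the two constant-pattern methods produce one squaring and one multiplication per bit regardless of its value. The `randomized_modexp` selector is an illustrative stand-in for the book's random choice between two processes, not a reproduction of them; the toy RSA parameters (p = 61, q = 53, e = 17, d = 2753) are constructed for the demonstration.

```python
# Added example (not code from the book): the three binary exponentiation
# routines the abstract refers to, each appending an "S" (squaring) or "M"
# (multiplication) marker to a trace. Comparing the traces shows why the plain
# square-and-multiply method leaks the exponent to Simple Power Analysis, and
# what the multiply-always and Montgomery-ladder patterns change.
import secrets


def square_and_multiply(base, exp, mod, trace):
    """Left-to-right binary method. A multiplication happens only for 1 bits,
    so the S/M sequence is a direct transcript of the exponent."""
    result = 1
    for bit in bin(exp)[2:]:
        result = result * result % mod
        trace.append("S")
        if bit == "1":
            result = result * base % mod
            trace.append("M")
    return result


def multiply_always(base, exp, mod, trace):
    """Multiply-always: one squaring and one multiplication per bit. For a
    0 bit the product is written to a dummy register r[1] and discarded."""
    r = [1, 1]                        # r[0]: accumulator, r[1]: dummy register
    for bit in bin(exp)[2:]:
        r[0] = r[0] * r[0] % mod
        trace.append("S")
        b = int(bit)
        r[1 - b] = r[0] * base % mod  # b == 1 -> real update, b == 0 -> dummy
        trace.append("M")
    return r[0]


def montgomery_ladder(base, exp, mod, trace):
    """Montgomery ladder: both registers are updated on every bit and the
    invariant r1 == r0 * base holds throughout; no operation is dummy."""
    r0, r1 = 1, base % mod
    for bit in bin(exp)[2:]:
        if bit == "1":
            r0 = r0 * r1 % mod
            r1 = r1 * r1 % mod
        else:
            r1 = r0 * r1 % mod
            r0 = r0 * r0 % mod
        trace.extend(("M", "S"))
    return r0


def randomized_modexp(base, exp, mod, trace, rng=secrets.randbits):
    """Illustrative stand-in (an assumption, not the book's two processes):
    a random bit selects which constant-pattern routine performs the call,
    so consecutive executions need not share one operation sequence."""
    process = (multiply_always, montgomery_ladder)[rng(1)]
    return process(base, exp, mod, trace)


def bits_read_from_trace(trace):
    """SPA reading of a trace: an "S" followed by "M" is read as a 1 bit,
    an "S" followed by anything else as a 0 bit. This reading is correct
    only for the plain square-and-multiply pattern."""
    bits, i = [], 0
    while i < len(trace):
        if trace[i] == "S":
            if i + 1 < len(trace) and trace[i + 1] == "M":
                bits.append("1")
                i += 2
                continue
            bits.append("0")
        i += 1
    return "".join(bits)


# Constructed toy RSA parameters (p = 61, q = 53); D is the private exponent.
N, E, D = 3233, 17, 2753


def compare_traces(c=2790):
    """Decrypt the constructed ciphertext with all three routines and return
    each result together with what an SPA reading of its trace yields."""
    report = {}
    for name, fn in (("square_and_multiply", square_and_multiply),
                     ("multiply_always", multiply_always),
                     ("montgomery_ladder", montgomery_ladder)):
        trace = []
        m = fn(c, D, N, trace)
        report[name] = (m, "".join(trace), bits_read_from_trace(trace))
    return report


if __name__ == "__main__":
    for name, (m, trace, read) in compare_traces().items():
        verdict = "trace reads as d" if read == bin(D)[2:] else "trace does not read as d"
        print(f"{name:20s} m={m} trace={trace} -> {verdict}")
```

Running the block decrypts the same ciphertext three times: every routine returns the plaintext 65, but only the square-and-multiply trace reads back as the bits of `D`. Note that a constant operation pattern removes the SPA leak in the sequence of operations, not the data-dependent leakage that DPA exploits; that is why the book combines the dummy-operation pattern with randomization rather than relying on the pattern alone.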
Table of Contents
1 INTRODUCTION
1.1 Cryptography and attacks on Cryptosystem
1.2 Side-Channel Attacks
1.2.1 Timing Attacks
1.2.2 Electromagnetic Attacks
1.2.3 Fault Analysis Attacks
1.2.4 Power Analysis Attacks
1.3 Countermeasures
1.3.1 Software-based Approach
1.3.2 Hardware-based Approach
1.4 Objective of the Project
2 Power Analysis Attacks and Countermeasures
2.1 Power Analysis Attack
2.1.1 Simple Power Analysis Attacks
2.1.2 Differential Power Analysis Attacks
2.2 Power Analysis Attacks on Smart Card
2.3 Countermeasures
3 LITERATURE SURVEY
3.1 The RSA Cryptosystem
3.2 Implementing Modular Exponentiations
3.3 DPA Attacks on Modular Exponentiation
3.4 Resisting Modular Exponentiation against DPA attacks
4 Proposed Work
4.1 Generating processes
4.2 Randomization
4.3 Proposed Algorithm
4.4 Implementation in CRT-RSA
4.5 Security Analysis
5 Result and Analysis
5.1 Experimental Environment and Test Bench
5.2 System Configuration
5.3 The PKCS v2.1.10 Test Bench
5.3.1 1024 bit RSA
5.3.2 1536 bit RSA
5.3.3 2048 bit RSA
5.4 Complexity Analysis
5.5 Average Computation Time
6 Conclusion and future work
Project Goals and Thematic Focus
The main goal of this project is to develop an improved approach for modular exponentiation to effectively resist various power analysis attacks. The work addresses cryptographic vulnerabilities by incorporating dummy operations and randomized processes into standard binary methods, thereby complicating the extraction of secret keys from power consumption traces.
- Analysis of power analysis attacks and their impact on RSA cryptosystems.
- Development of randomized modular exponentiation algorithms to mitigate side-channel leaks.
- Implementation of dummy operations in "multiply-always" and "Montgomery-Ladder" methods.
- Extension of proposed security measures to CRT-RSA architectures for performance optimization.
- Evaluation of security and computational complexity across various key sizes (1024, 1536, and 2048 bits).
Excerpt from the Book
1.2 Side-Channel Attacks
Side-channel analysis refers to the analysis of properties that are independent of the cryptographic algorithm but depend on the cryptographic device. These analyses are made on power consumption, computation time, electromagnetic emissions, etc. that leak from a device. When such analyses are done to challenge the strength of a cryptographic algorithm in a device, they are termed Side-Channel Attacks (SCA). SCAs depend on information collected from the physical system being used to encrypt or decrypt. Successful side-channel attacks use neither the encryption process nor the plaintext being encrypted but rather information such as the amount of time it takes for a system to respond to queries or the amount of power consumed by the encrypting system. It is a form of reverse engineering. Electronic circuits are inherently leaky: they produce emissions as byproducts that make it possible for an attacker without access to the circuitry itself to deduce how the circuit works and what data it is processing.
Some widely used side-channel attacks are power analysis attacks, timing attacks, EM attacks, fault attacks, etc. In an asymmetric cryptosystem two different keys are generated to encrypt and decrypt the data. One such asymmetric cryptographic algorithm is Rivest-Shamir-Adleman (RSA), developed in 1977. RSA consists of three phases:
• Key generation for encrypting and decrypting data.
• Encryption for converting plain text to cipher text.
• Decryption for converting cipher text into plain text.
For performing encryption and decryption, two different keys are used. The key that is used for encryption and is known to everyone is called the "public key". The key that is known to the receiver only and remains secret is called the "private key". As RSA
Summary of Chapters
1 INTRODUCTION: This chapter provides an overview of cybersecurity challenges, the prevalence of hacker attacks, and the fundamentals of cryptography and side-channel threats.
2 Power Analysis Attacks and Countermeasures: This chapter details various power analysis techniques, specifically Simple Power Analysis (SPA) and Differential Power Analysis (DPA), and discusses the current state of countermeasures.
3 LITERATURE SURVEY: This chapter reviews the RSA cryptosystem, common modular exponentiation implementations, and existing research on resisting DPA attacks.
4 Proposed Work: This chapter introduces the core contribution of the project, including the design of two randomized processes and new algorithms for secured modular exponentiation.
5 Result and Analysis: This chapter presents the experimental setup, system configuration, and performance analysis comparing the proposed algorithms against traditional methods across different RSA key sizes.
6 Conclusion and future work: This chapter summarizes the research findings and outlines potential future improvements, specifically the integration of blinding and randomization techniques.
Keywords
Modular exponentiation, Side-channel attacks, RSA, Power analysis, Simple Power Analysis, Differential Power Analysis, Cryptography, Dummy multiplication, Montgomery-Ladder, Randomization, CRT-RSA, Security, Data dependency, Information security, Computational complexity.
Frequently Asked Questions
What is the primary focus of this research?
The research focuses on enhancing the security of modular exponentiation in asymmetric cryptosystems, specifically RSA, to defend against power analysis side-channel attacks.
Which types of attacks does the proposed method resist?
The proposed methods are designed to resist several side-channel attacks, including Simple Power Analysis (SPA), Differential Power Analysis (DPA), Doubling attacks, and C-safe error attacks.
What is the main objective of the project?
The objective is to introduce a new algorithm that uses randomized processes and dummy operations to make power consumption traces unpredictable, thereby preventing attackers from deriving secret keys.
What methodology is employed to achieve these results?
The project utilizes classical algorithms (multiply-always and Montgomery-ladder) as a base and modifies them by injecting dummy operations and using random variables to shuffle execution sequences.
What is covered in the main section of the paper?
The main sections cover the analysis of existing side-channel threats, the development of randomized algorithms for secured exponentiation, and a performance evaluation using PKCS v2.1.10 test benches.
Which keywords best characterize this work?
Key terms include modular exponentiation, power analysis, side-channel attacks, RSA, randomization, and dummy multiplication.
How do dummy operations help in preventing attacks?
Dummy operations act as a distraction, creating "noise" in the power trace, which makes it significantly more difficult for an attacker to identify the true sequence of multiplication and squaring operations.
Why was the work extended to include CRT-RSA?
CRT-RSA (Chinese Remainder Theorem) is widely used for fast computation in RSA decryption; extending the proposed security methods to CRT-RSA ensures that the increased security does not compromise the performance benefits of using large keys.
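To make the CRT-RSA extension concrete, the following added example (written for this page, not the book's code) performs RSA decryption as two half-size exponentiations modulo p and q followed by Garner's recombination. The `modexp` parameter is an assumption made for illustration: it lets a side-channel-resistant exponentiation routine replace Python's `pow` in both halves, which is the point at which the book's randomized method would be plugged in, since the CRT exponents dp and dq are as secret as d. The re-encryption check is the usual consistency test for a faulty half-computation. Parameters (p = 61, q = 53, e = 17, d = 2753) are constructed toy values.

```python
# Added example (not the book's code): CRT-RSA decryption with Garner's
# recombination and a re-encryption consistency check. The modexp argument
# (an assumption for illustration) is where a protected exponentiation
# routine would be substituted for pow() in both half computations.


def crt_params(p, q, d):
    """Derive the CRT private key components (dp, dq, qinv) from p, q and d."""
    dp = d % (p - 1)
    dq = d % (q - 1)
    qinv = pow(q, -1, p)              # q^-1 mod p (Python 3.8+)
    return dp, dq, qinv


def crt_decrypt(c, p, q, dp, dq, qinv, modexp=pow):
    """Two exponentiations with half-size moduli and exponents, then
    Garner's formula m = m2 + q * (qinv * (m1 - m2) mod p)."""
    m1 = modexp(c % p, dp, p)
    m2 = modexp(c % q, dq, q)
    h = (qinv * (m1 - m2)) % p        # Python's % keeps h in [0, p)
    return m2 + h * q


def decrypt_checked(c, p, q, d, e, modexp=pow):
    """Decrypt via CRT and verify by re-encrypting with the public exponent;
    a mismatch means one half-computation was faulty or tampered with."""
    dp, dq, qinv = crt_params(p, q, d)
    m = crt_decrypt(c, p, q, dp, dq, qinv, modexp)
    if pow(m, e, p * q) != c:
        raise ValueError("CRT result does not re-encrypt to the ciphertext")
    return m


# Constructed toy parameters: p = 61, q = 53, n = 3233, e = 17, d = 2753.
P, Q, E, D = 61, 53, 17, 2753

if __name__ == "__main__":
    print(crt_params(P, Q, D))                # (53, 49, 38)
    print(decrypt_checked(2790, P, Q, D, E))  # 65
```

Each half works with a modulus and an exponent of about half the length of n, which is where the speed-up over a single exponentiation modulo n comes from; the book's approach applies its randomized exponentiation to each of those two halves.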
- Quote paper
- Moushumi Barman (Author), 2019, An Improved Modular Exponentiation To Resist Power Analysis Attacks, Munich, GRIN Verlag, https://www.grin.com/document/1609477