Different types of implementation attacks, like those based on side channel leakage and active fault injection, are often considered as separate threats. Countermeasures are, therefore, often developed and implemented accordingly. However, Amiel et al. showed that an adversary can successfully combine two attack methods to overcome such countermeasures. In this paper, we consider instances of these combined attacks applied to RSA and elliptic curve-based cryptosystems. We show how previously proposed countermeasures may fail to thwart these attacks, and propose a countermeasure that protects the variables in a generic exponentiation algorithm in the same scenario.
|Translated title of the contribution||Combined Implementation Attack Resistant Exponentiation|
|Title of host publication||Latincrypt 2010|
|Publisher||Springer Berlin Heidelberg|
|Publication status||Published - 2010|
Bibliographical noteOther page information: 305-322
Conference Proceedings/Title of Journal: Latincrypt 2010
Other identifier: 2001249