Improved Fault Analysis of Signature Schemes

Christophe Giraud, Eric W. Knudsen, Michael Tunstall

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

4 Citations (Scopus)


At ACISP 2004, Giraud and Knudsen presented the first fault analysis of DSA, ECDSA, XTR-DSA, Schnorr and ElGamal signatures schemes that considered faults affecting one byte. They showed that 2304 faulty signatures would be expected to reduce the number of possible keys to 240, allowing a 160-bit private key to be recovered. In this paper we show that Giraud and Knudsen’s fault attack is much more efficient than originally claimed. We prove that 34.3% less faulty signatures are required to recover a private key using the same fault model. We also show that their original way of expressing the fault model under a system of equations can be improved. A more precise expression allows us to obtain another improvement of up to 47.1%, depending on the values of the key byte affected.
Translated title of the contributionImproved Fault Analysis of Signature Schemes
Original languageEnglish
Title of host publicationSmart Card Research and Advanced Application - CARDIS 2010
PublisherSpringer Berlin Heidelberg
Publication statusPublished - 2010

Bibliographical note

Other page information: 164-181
Conference Proceedings/Title of Journal: Smart Card Research and Advanced Application -- CARDIS 2010
Other identifier: 2001187


Dive into the research topics of 'Improved Fault Analysis of Signature Schemes'. Together they form a unique fingerprint.

Cite this