Fault-injection Attack and Improvement of a CRT-RSA Exponentiation Algorithm

Open Webpage

Fanyu Kong, Guoqiang Yang, Huiyi Liu, Yali Jiang, Chengyu Hu, Dashui Zhou

Published: 01 Jan 2019, Last Modified: 10 Feb 2025ICCNS 2019EveryoneRevisionsBibTeXCC BY-SA 4.0
Abstract: RSA cryptosystem is a widely-used public-key cryptographic algorithm in TLS/SSL and IPSec protocols. Fault-injection attack has a powerful threat on the CRT-based implementation of RSA cryptosystem. In 2016, Y. Choi et al. proposed a new right-to-left square-always exponentiation algorithm and a test-based CRT-RSA exponentiation algorithm to defeat the fault-injection attack. In this paper, we propose a fault-injection attack on Y. Choi et al.'s test-based CRT-RSA exponentiation algorithm. By inducing a permanent fault in the computation process of CRT-RSA cryptosystem, the attacker can obtain a faulty RSA signature and then recover the RSA private key. Furthermore, we give an improved CRT-RSA exponentiation algorithm to fix the security flaw. The security analysis shows that the improved algorithm can resist the fault-injection attack.

OpenReview is a long-term project to advance science through improved peer review with legal nonprofit status. We gratefully acknowledge the support of the OpenReview Sponsors. © 2025 OpenReview