NC State University

Department of Computer Science Colloquia 2002-2003

Date:   Monday, February 3, 2003
Time:   3:00 PM (Talk)
Place:   EGRC 246, NCSU Centennial Campus (click for courtesy parking request)

Speaker:   Dimitris N. Serpanos , University of Patras, Greece

An Effective Active Attack on Fiat-Shamir Systems

Abstract:   Hardware or side-channel cryptanalysis, in contrast to mathematical cryptanalysis, targets on implementations of cryptographic algorithms. This innovative method uses a side-channel, which transmits information of the secret components of the cryptosystem. In passive hardware cryptanalysis, the channel is a measurable parameter of the implementation, such as time delay of the execution of a cryptographic algorithm, power consumption and EM radiation. In active hardware cryptanalysis, the side-channel is implemented with hardware fault injections, which cause faulty computations that result to leakage of secret key information. Active attacks were introduced with the known Bellcore attacks which target implementations of RSA (using Chinese Remainder Theorem or Montgomery arithmetic), Schnorr's scheme and Fiat-Shamir identification scheme. In this work, we prove that the Bellcore attack on Fiat-Shamir systems is incomplete, because it is based on an assumption that does not always hold. Thus, there are exist configurations of Fiat-Shamir systems that can defend against the Bellcore attack. We introduce a new active (hardware) attack and we prove that it is effective against all possible Fiat-Shamir configurations. This new attack is not only successful, but efficient and realistic for typical environments that use Fiat-Shamir, such as smart cards. This work is joint with A. Voyiatzis.

Short Bio:   See http://www.clab.ee.upatras.gr/serpanosshort.htm.

Host:   Harry Perros, Computer Science

Colloquia Home Page.