Colin D. Walter
University of Manchester
Publication
Featured research published by Colin D. Walter.
Archive | 2003
Colin D. Walter; Çetin Kaya Koç; Christof Paar
We introduce multi-channel attacks, i.e., side-channel attacks which utilize multiple side-channels such as power and EM simultaneously. We propose an adversarial model which combines a CMOS leakage model and the maximum-likelihood principle for performing and analyzing such attacks. This model is essential for deriving the optimal and very often counter-intuitive techniques for channel selection and data analysis. We show that using multiple channels is better for template attacks by experimentally showing a three-fold reduction in the error probability. Developing sound countermeasures against multi-channel attacks requires a rigorous leakage assessment methodology. Under suitable assumptions and approximations, our model also yields a practical assessment methodology for net information leakage from the power and all available EM channels in constrained devices such as chip-cards. Classical DPA/DEMA style attacks assume an adversary weaker than that of our model. For this adversary, we apply the maximum-likelihood principle to design new and more efficient single and multiple-channel DPA/DEMA attacks.
IEEE Transactions on Computers | 1993
Stephen Eldridge; Colin D. Walter
Hardware is described for implementing the fast modular multiplication algorithm developed by P.L. Montgomery (1985). Comparison with previous techniques shows that this algorithm is up to twice as fast as the best currently available and is more suitable for alternative architectures. The gain in speed arises from the faster clock that results from simpler combinational logic.
IEEE Transactions on Computers | 1993
Colin D. Walter
A systolic array for modular multiplication is presented using the ideally suited algorithm of P.L. Montgomery (1985). Throughput is one modular multiplication every clock cycle, with a latency of 2n+2 cycles for multiplicands having n digits. Its main use would be where many consecutive multiplications are done, as in RSA cryptosystems.
Cryptographic Hardware and Embedded Systems | 2001
Colin D. Walter
Sliding Windows is a general technique for obtaining an efficient exponentiation scheme. Big Mac is a specific form of attack on a cryptosystem in which bits of a secret key can be deduced independently, or almost so, of the others. Here such an attack on an implementation of the RSA cryptosystem is described. It assumes digit-by-digit computations are performed sequentially on a single k-bit multiplier and uses information which leaks through differential power analysis (DPA). With sufficiently powerful monitoring equipment, only a small number of exponentiations, independent of the key length, is enough to reveal the secret exponent from unknown plaintext inputs. Since the technique may work for a single exponentiation, many blinding techniques currently under consideration may be rendered useless. This is particularly relevant to implementations with single processors where a digit multiplication cannot be masked by other simultaneous processing. Moreover, the longer the key length, the easier the attack becomes.
The Cryptographers' Track at the RSA Conference | 2001
Colin D. Walter; Susan Thompson
We analyse timing variations in an implementation of modular multiplication which has certain standard characteristics. This shows that squarings and multiplications behave differently when averaged over a number of random observations. Since power analysis can reveal such data, secret RSA exponents can be deduced if a standard square and multiply exponentiation algorithm is used. No knowledge of the modulus or input is required to do this. The technique generalises to the m-ary and sliding windows exponentiation methods since different multipliers can be distinguished. Moreover, only a small number of observations (independent of the key size and well under 1k) are required to perform the cryptanalysis successfully. Thus, if the modular multiplication algorithm cannot be made any safer, the exponent must be modified on every use.
Cryptographic Hardware and Embedded Systems | 1999
Colin D. Walter
Montgomery's modular multiplication algorithm has enabled considerable progress to be made in the speeding up of RSA cryptosystems. Perhaps the systolic array implementation stands out most in the history of its success. This article gives a brief history of its implementation in hardware, taking a broad view of the many aspects which need to be considered in chip design. Among these are trade-offs between area and time, higher radix methods, communications both within the circuitry and with the rest of the world, and, as the technology shrinks, testing, fault tolerance, checker functions and error correction. We conclude that a linear, pipelined implementation of the algorithm may be part of best policy in thwarting differential power attacks against RSA.
The Cryptographers' Track at the RSA Conference | 2002
Colin D. Walter
The MIST algorithm generates randomly different addition chains for performing a particular exponentiation. This means that power attacks which require averaging over a number of exponentiation power traces become impossible. Moreover, attacks which are based on recognising repeated use of the same pre-computed multipliers during an individual exponentiation are also infeasible. The algorithm is particularly well suited to cryptographic functions which depend on exponentiation and which are implemented in embedded systems such as smart cards. It is more efficient than the normal square-and-multiply algorithm and uses less memory than 4-ary exponentiation.
International Cryptology Conference | 1991
Colin D. Walter
There are a number of techniques known for speeding up modular multiplication, which is the main arithmetic operation in RSA cryptography. This note shows how to gain speed by scaling the modulus. Resulting hardware is limited only by the speed of addition. Detailed analysis of fan out shows that over existing methods the speedup is potentially as much as two-fold. This is because the addition and fan out can now be done in parallel. Of course, in RSA the modulus can be chosen to need no scaling, so that most of the minor extra costs are eliminated.
The Cryptographers' Track at the RSA Conference | 2002
Colin D. Walter
An optimal upper bound for the number of iterations and precise bounds for the output are established for the version of Montgomery Modular Multiplication from which conditional statements have been eliminated. The removal of such statements is done to avoid timing attacks on embedded cryptosystems but it can mean greater execution time. Unfortunately, this inefficiency is close to its maximum for standard RSA key lengths such as 512 or 1024 bits. Certain such keys are then potentially subject to attack using differential power analysis. These keys are identified, but they are rare and the danger is minimal. The improved bounds, however, lead to consequent savings in hardware.
IEEE Transactions on Computers | 1997
Colin D. Walter
The value of using a higher radix for modular multiplication in the context of RSA is investigated. The main conclusion is that for algorithms which perform the multiplication via repeated addition, there is, broadly speaking, a direct trade-off between space and time provided by change of radix. Thus chip area utilized is roughly proportional to speed. However, initially, as the radix is increased from 2, there is a short-lived increase in speed greater than the extra area used.