1 / 43

Efficient CRT-Based RSA Cryptosystems Immune against the Hardware Fault Attack and

Efficient CRT-Based RSA Cryptosystems Immune against the Hardware Fault Attack and the FPGA Implementations. Yonghong Yang. Supervisors: Prof. Z. Abid & Prof. W. Wang. Department of Electrical and Computer Engineering the University of Western Ontario, Canada. Outline. Introduction.

seanstephens
Télécharger la présentation

Efficient CRT-Based RSA Cryptosystems Immune against the Hardware Fault Attack and

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Efficient CRT-Based RSA Cryptosystems Immune against the Hardware Fault Attack and the FPGA Implementations Yonghong Yang Supervisors: Prof. Z. Abid & Prof. W. Wang Department of Electrical and Computer Engineering the University of Western Ontario, Canada

  2. Outline • Introduction • Literature Review • Proposed Efficient Two-Prime RSA Cryptosystem • Proposed Efficient Multi-Prime RSA Cryptosystem • FPGA Implementations and Results • Conclusions

  3. Introduction Network security is needed everywhere:

  4. Introduction • Electronic banking and voting • Electronic commerce, such as online bidding • Email, file exchange/submission • Web browsing, etc. • Wide applications need security

  5. Introduction • Cryptography • The mathematical science to secure the • confidentiality/authentication of data by • replacing them with a transformed version • Two types: secret-key and public-key • Cryptography guarantees the needed security • Privacy or confidentiality • Data integrity • Authentication • Non-repudiation

  6. Introduction • Secret-Key Cryptography • Traditional method of cryptography • Theoretical basis: “communication theory of secrecy systems” • Single key is used to encrypt and decrypt texts • DES, NSA and IDEA etc. • Disadvantages: • Difficult key management • Keys need to be changed frequently • Cannot yield efficient signature mechanisms

  7. Introduction • Public-Key Cryptography • Relatively new field – 1975, initiated by the paper “New directions in cryptography ” • Different keys are used for encryption and decryption • RSA, DSA, DSS etc.

  8. Introduction • Public-Key Cryptography • Advantages: • Easier key management • Key can remain unchanged for longer time • Yields efficient digital signature mechanisms • Disadvantage: • Slower throughputs since keys have larger wordlengths

  9. Introduction • RSA Cryptography One of the most widely used, simplest public- key cryptography so far • Scheme Alice Bob Encrypt using B’s public key Decrypt using by B’s private key Sign with A’s private key Check signature by A’s public key

  10. Outline • Introduction • Literature Review • Proposed Efficient Two-Prime RSA Cryptosystem • Proposed Efficient Multi-Prime RSA Cryptosystem • FPGA Implementations and Results • Conclusions

  11. Literature Review • RSA Cryptosystem • Public quantities: n, e;secret quantities: d, • Encryption/decryption: • Encryption: • Decryption: • Signing/signature verification: • Signing: • Signature verification:

  12. Literature Review • Chinese Remainder Theorem Based RSA • Chinese Remainder Theorem is often used to speedup the operations of RSA • Attacks on the CRT-based RSA • Hardware fault attack • Timing attack • Power attack

  13. Literature Review • Countermeasures to the attack • Padding the message, drawback: collision-free hash function (hard) • Checking the intermediate or final results, drawback: double the operational time and not secure • Revising the signature expression, make sure no secret information is leaked

  14. Outline • Introduction • Literature Review • Proposed Efficient Two-Prime RSA Cryptosystem • Proposed Efficient Multi-Prime RSA Cryptosystem • FPGA Implementations and Results • Conclusions

  15. Proposed Two-Prime RSA • Standard CRT-based two-prime RSA To calculate:

  16. Proposed Two-Prime RSA • Standard CRT-based two-prime RSA • Vulnerable to the hardware fault attack: When available: and factors the system

  17. Proposed Two-Prime RSA • CRT-2 protocol proposed by Yen et al. 1. 2. 3. where

  18. Proposed Two-Prime RSA • Proposed Two-Prime RSA 1. 2. 3. where

  19. Proposed Two-Prime RSA • Block diagram of the proposed two-prime RSA

  20. Proposed Two-Prime RSA • Comparison of the operational speed where ( ) , and

  21. Proposed Two-Prime RSA • Factorization complexity • The complexity of factoring the proposed RSA system: • The complexity of factoring CRT-2: • Similar

  22. Outline • Introduction • Literature Review • Proposed Efficient Two-Prime RSA Cryptosystem • Proposed Efficient Multi-Prime RSA Cryptosystem • FPGA Implementations and Results • Conclusions

  23. Proposed Multi-Prime RSA • Standard CRT-based multi-prime RSA

  24. Proposed Multi-Prime RSA • Immunity of CRT-based multi-prime RSA: • When (j-1) faulty signatures available, calculations according to these (j-1)faulty signatures factors the multi-prime RSA • Still vulnerable to the hardware fault attack

  25. Proposed Multi-Prime RSA • Proposed Multi-Prime RSA 1. 2. 3. for

  26. Proposed Multi-Prime RSA • The proposed multi-prime RSA

  27. Proposed Two-Prime RSA • Extended CRT-2 protocol 1. 2. 3. for

  28. Proposed Multi-Prime RSA • Comparison of the operational speed where ( , and )

  29. Proposed Multi-Prime RSA • Operational speed improvement has been verified by one example of three-prime RSA • Similar factorization complexity • Still for obtaining any factor from the proposed multi-prime RSA • Predicted to use fewer hardware resources • Will be verified by Implementation results later

  30. Outline • Introduction • Literature Review • Proposed Efficient Two-Prime RSA Cryptosystem • Proposed Efficient Multi-Prime RSA Cryptosystem • FPGA Implementations and Results • Conclusions

  31. FPGA Implementations • Design flow

  32. FPGA Implementations • Structure of modular exponentiation algorithm (to calculate )

  33. FPGA Implementations • Structure of Montgomery modular multiplication algorithm (to calculate )

  34. FPGA Implementations • Hardware structure of Montgomery modular multiplication

  35. FPGA Implementations • Structure of proposed two-prime RSA

  36. FPGA Implementations • Structure of standard CRT-based two-prime RSA

  37. FPGA Implementations • Structure of CRT-2 protocol

  38. FPGA Implementations Implementa-tion results:

  39. FPGA Implementations • Implementation results Conclusion: Not many more resources than the standard CRT-based RSA and much fewer than the systems based on CRT-2 protocol

  40. Outline • Introduction • Literature Review • Proposed Efficient Two-Prime RSA Cryptosystem • Proposed Efficient Multi-Prime RSA Cryptosystem • FPGA Implementations and Results • Conclusions

  41. Conclusions • Conclusions • The immunity of the RSA cryptosystems against the hardware fault attack is greatly increased • The proposed RSA cryptosystems provide more efficient operations than previous work, and they bear similar immunity against the hardware fault attack. • The proposed RSA cryptosystems use fewer resources than previous workin hardware implementations • The standard CRT-based RSA cryptosystems with more factors bears more difficult for the hardware fault attack

  42. Conclusions • Future work • Speed up the basic block: modular exponentiation computation • Implement the RSA cryptosystems with enhanced immunity against other implementation attacks • Download the RSA cryptosystems implemented in Chapter 5 to the FPGA chip

  43. Thesis Examination Thanks ! and Questions ?

More Related