Some active attacks on fast server-aided secret computation protocols for modular exponentiation

AbstractMontgomery’s and Barrett’s modular multiplication algorithms are widely used in modular exponentiation algorithms, e.g. to compute RSA or ECC operations. While Montgomery’s multiplication algorithm has been studied extensively in the literature and many side-channel attacks have been detected, to our best knowledge no thorough analysis exists for Barrett’s multiplication algorithm. This article closes this gap. For both Montgomery’s and Barrett’s multiplication algorithm, differences of the execution times are caused by conditional integer subtractions, so-called extra reductions. Barrett’s multiplication algorithm allows even two extra reductions, and this feature increases the mathematical difficulties significantly. We formulate and analyse a two-dimensional Markov process, from which we deduce relevant stochastic properties of Barrett’s multiplication algorithm within modular exponentiation algorithms. This allows to transfer the timing attacks and local timing attacks (where a second side-channel attack exhibits the execution times of the particular modular squarings and multiplications) on Montgomery’s multiplication algorithm to attacks on Barrett’s algorithm. However, there are also differences. Barrett’s multiplication algorithm requires additional attack substeps, and the attack efficiency is much more sensitive to variations of the parameters. We treat timing attacks on RSA with CRT, on RSA without CRT, and on Diffie–Hellman, as well as local timing attacks against these algorithms in the presence of basis blinding. Experiments confirm our theoretical results.

Download Full-text

A Benchmarking of the Effectiveness of Modular Exponentiation Algorithms using the library GMP in C language

2020 International Conference on Computational Intelligence (ICCI) ◽

10.1109/icci51257.2020.9247766 ◽

2020 ◽

Author(s):

Tran Quy Ban ◽

Tran Thi Thuy Nguyen ◽

Vu Thanh Long ◽

Pham Dang Dung ◽

Bui Thanh Tung

Keyword(s):

Modular Exponentiation ◽

C Language

Download Full-text

Simulation of Modular Exponentiation Circuit for Shor's Algorithm in Qiskit

2020 14th International Conference on Telecommunication Systems, Services, and Applications (TSSA ◽

10.1109/tssa51342.2020.9310794 ◽

2020 ◽

Author(s):

Harashta Tatimma Larasati ◽

Howon Kim

Keyword(s):

Modular Exponentiation ◽

Shor's Algorithm

Download Full-text

Study on Several Fast Algorithm of Modular Exponentiation in RSA

2011 International Conference on Network Computing and Information Security ◽

10.1109/ncis.2011.82 ◽

2011 ◽

Author(s):

Tong Zhou

Keyword(s):

Fast Algorithm ◽

Modular Exponentiation

Download Full-text

Fast modular exponentiation and elliptic curve group operation in Maple

International Journal of Mathematical Education in Science and Technology ◽

10.1080/00207390600712422 ◽

2006 ◽

Vol 37 (6) ◽

pp. 745-753

Author(s):

S. Y. Yan ◽

G. James

Keyword(s):

Elliptic Curve ◽

Modular Exponentiation ◽

Group Operation

Download Full-text

Design and Implementation of Layer Extended Shortest Addition Chains Database for Fast Modular Exponentiation in RSA

2010 International Conference on Web Information Systems and Mining ◽

10.1109/wism.2010.174 ◽

2010 ◽

Cited By ~ 2

Author(s):

Yiling Li ◽

Qingyu Ma

Keyword(s):

Modular Exponentiation ◽

Design And Implementation ◽

Addition Chains

Download Full-text

Three hardware architectures for the binary modular exponentiation: sequential, parallel, and systolic

IEEE Transactions on Circuits and Systems I Fundamental Theory and Applications ◽

10.1109/tcsi.2005.858767 ◽

2006 ◽

Vol 53 (3) ◽

pp. 627-633 ◽

Cited By ~ 30

Author(s):

N. Nedjah ◽

Ld.M. Mourelle

Keyword(s):

Modular Exponentiation ◽

Hardware Architectures

Download Full-text

SSID Oracle Attack on Undisclosed Wi-Fi Preferred Network Lists

Wireless Communications and Mobile Computing ◽

10.1155/2018/5153265 ◽

2018 ◽

Vol 2018 ◽

pp. 1-15 ◽

Cited By ~ 2

Author(s):

Ante Dagelić ◽

Toni Perković ◽

Bojan Vujatović ◽

Mario Čagalj

Keyword(s):

Location Privacy ◽

Real Life ◽

User Mobility ◽

Window Of Opportunity ◽

Privacy Concerns ◽

Private Location ◽

Life Tests ◽

Active Attacks ◽

Recommender Algorithm ◽

Dictionary Attacks

User’s location privacy concerns have been further raised by today’s Wi-Fi technology omnipresence. Preferred Network Lists (PNLs) are a particularly interesting source of private location information, as devices are storing a list of previously used hotspots. Privacy implications of a disclosed PNL have been covered by numerous papers, mostly focusing on passive monitoring attacks. Nowadays, however, more and more devices no longer transmit their PNL in clear, thus mitigating passive attacks. Hidden PNLs are still vulnerable against active attacks whereby an attacker mounts a fake SSID hotspot set to one likely contained within targeted PNL. If the targeted device has this SSID in the corresponding PNL, it will automatically initiate a connection with the fake hotspot thus disclosing this information to the attacker. By iterating through different SSIDs (from a predefined dictionary) the attacker can eventually reveal a big part of the hidden PNL. Considering user mobility, executing active attacks usually has to be done within a short opportunity window, while targeting nontrivial SSIDs from user’s PNL. The existing work on active attacks against hidden PNLs often neglects both of these challenges. In this paper we propose a simple mathematical model for analyzing active SSID dictionary attacks, allowing us to optimize the effectiveness of the attack under the above constraints (limited window of opportunity and targeting nontrivial SSIDs). Additionally, we showcase an example method for building an effective SSID dictionary using top-N recommender algorithm and validate our model through simulations and extensive real-life tests.

Download Full-text