Bug Attacks


Bibliographic details
Published in: Journal of Cryptology 2016-10, Vol. 29 (4), p. 775-805
Main authors: Biham, Eli; Carmeli, Yaniv; Shamir, Adi
Format: Article
Language: eng
Online access: Full text
Description
Abstract: In this paper we present a new kind of cryptanalytic attack which utilizes bugs in the hardware implementation of computer instructions. The best-known example of such a bug is the Intel division bug, which resulted in slightly inaccurate results for extremely rare inputs. Whereas in most applications such bugs can be viewed as a minor nuisance, we show that in the case of RSA (even when protected by OAEP), Pohlig–Hellman and ElGamal encryption such bugs can be a security disaster: decrypting ciphertexts on any computer which multiplies even one pair of numbers incorrectly can lead to full leakage of the secret key, sometimes with a single well-chosen ciphertext. As shown by the recent revelation of top secret NSA documents by Edward Snowden, intentional hardware modification is a method that was used by the USA to weaken the security of commercial equipment sent to targeted organizations.
ISSN: 0933-2790; 1432-1378
DOI: 10.1007/s00145-015-9209-1