%0 Journal Article
%T Differential Fault Analysis on RSA-CRT Based on Fault in Error Checking Operation<br>基于错误检验故障的RSA-CRT差分故障分析
%A CHEN Cai-sen
%A WANG Tao
%A TIAN Jun-jian
%A ZHANG Jin-zhong
%A <br>陈财森
%A 王韬
%A 田军舰
%A 张金中
%J 计算机科学
%D 2011
%I 
%X The former fault analysis can't attack on RSA-CRT with corresponding countermeasure. In order to find the new vulnerability to fault analysis,this paper took BOS countermeasure as the analyzed object An attack model based on fault in error checking operation was advanced, and a differential fault analysis algorithm was given that can completely recover the RSA key. The fact that the previous countermeasures can't effectively resist the differential fault analysis was demonstrated,and the complexity of our attack was estimated both by a theoretical analysis and software simulations. Experiment results show that the new fault analysis algorithm has well feasibility, it requires less faulty signature samples than Wagner's attack algorithm, almost need 256 samples for single byte fault Finally, a corresponding advice on countermen sure to differential fault analysis was given by analyzing the problem of previous countermeasures.
%K Side channel attack
%K Fault model
%K Differential fault analysis
%K Error checking
%K Chinese remainder theorem
%K RSA<br>旁路攻击，故障模型，差分故障分析，错误检验，中国剩余定理，RSA密码算法
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=64A12D73428C8B8DBFB978D04DFEB3C1&aid=F101C9A49FBC07374E0702A1849E7909&yid=9377ED8094509821&vid=16D8618C6164A3ED&iid=38B194292C032A66&sid=228A710F49B6CE58&eid=9C65ADEB5990B252&journal_id=1002-137X&journal_name=计算机科学&referenced_num=0&reference_num=7