Open Access

ARTICLE

Clustering Collision Power Attack on RSA-CRT

Wunan Wan^1,*, Jun Chen¹, Jinyue Xia², Jinquan Zhang¹, Shibin Zhang¹, Hao Chen¹

1 School of Cybersecurity, Chengdu University of Information Technology, Chengdu, 610225, China
2 International Business Machines Corporation (IBM), New York, 10041 NY 212, USA

* Corresponding Author: Wunan Wan. Email:

Computer Systems Science and Engineering 2021, 36(2), 417-434. https://doi.org/10.32604/csse.2021.014460

Received 22 September 2020; Accepted 23 October 2020; Issue published 05 January 2021

Abstract

In this paper, we propose two new attack algorithms on RSA implementations with CRT (Chinese remainder theorem). To improve the attack efficiency considerably, a clustering collision power attack on RSA with CRT is introduced via chosen-message pairs. This attack method is that the key parameters d_p and d_q are segmented by byte, and the modular multiplication collisions are identified by k-means clustering. The exponents d_p and d_q were recovered by 12 power traces of six groups of the specific message pairs, and the exponent d was obtained. We also propose a second order clustering collision power analysis attack against RSA implementation with CRT, which applies double blinding exponentiation. To reduce noise and artificial participation, we analyze the power points of interest by preprocessing and k-means clustering with horizontal correlation collisions. Thus, we recovered approximately 91% of the secret exponents manipulated with a single power curve on RSA-CRT with countermeasures of double blinding methods.

---

Keywords

---