Abstract

Asymmetric cryptosystems are now used everywhere, from document management to cryptocurrencies, and give end users a high level of protection that rests on the mathematical hardness of computing a discrete logarithm. However, a cryptanalytic attack is possible against the so-called ephemeral key, an auxiliary key used when creating a signature. Recent works have shown examples of attacks on the random number generator and the processor cache, as well as timing attacks. These attacks do not work, however, when the numerical values of the bits are unknown. Recent work also identifies the main vulnerability in signing: the algorithm that computes the modular inverse is vulnerable to timing attacks. This article considers the vulnerability of cryptosystems such as DSA and ECDSA to an attack based on analysis of the variable time taken to sign a message. A mathematical model based on lattice attacks has been developed to test for this type of vulnerability. It is shown that, given enough signatures with the same signing time, it is possible to identify the presence of common bits in the ephemeral keys, which allows the sender's private key to be recovered. It is proved that the cause of the vulnerability is that the modular inverse operation does not execute in constant time, which gives the attacker information about the ephemeral key. To solve this problem, an extended Euclidean algorithm that computes the modular inverse in fixed time is proposed. In this paper, the extended Euclidean algorithm for computing the modular inverse is improved so that it executes in constant time, which prevents timing attacks.
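The sketch below is an added example, not the algorithm from the paper: it contrasts the classic extended Euclidean inverse, whose loop count depends on the ephemeral key, with a well-known binary extended GCD that always runs a fixed number of iterations and uses mask-based selection instead of secret-dependent branches. The modulus (the NIST P-256 group order), the function names and the sample nonces are assumptions chosen for illustration, and Python's big-integer arithmetic and comparisons are not themselves constant-time, so this shows only the control-flow structure.

```python
# Added example, not the paper's algorithm. N is the NIST P-256 group order,
# assumed here as a realistic odd prime modulus for the nonce inverse.
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551

def euclid_steps(k, n=N):
    """Classic extended Euclid: returns (k^-1 mod n, loop iterations used)."""
    r0, r1, t0, t1, steps = n, k % n, 0, 1, 0
    while r1:                       # trip count depends on the secret k
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        t0, t1 = t1, t0 - q * t1
        steps += 1
    return t0 % n, steps

def select(mask, x, y):
    """x if mask == 1 else y, computed without branching on mask."""
    return y ^ (-mask & (x ^ y))

def inv_fixed(k, n=N):
    """Binary extended GCD, always 2*bitlen(n) rounds. Needs n odd, gcd(k, n) == 1."""
    a, b, u, v = k % n, n, 1, 0     # invariants: a = k*u, b = k*v (mod n); b stays odd
    half = (n + 1) >> 1             # 2^-1 mod n
    for _ in range(2 * n.bit_length()):
        odd = a & 1
        swap = odd & int(a < b)     # keep a >= b before subtracting
        a, b = select(swap, b, a), select(swap, a, b)
        u, v = select(swap, v, u), select(swap, u, v)
        a = (a - select(odd, b, 0)) >> 1
        u = (u - select(odd, v, 0)) % n
        u = (u >> 1) + select(u & 1, half, 0)   # halve u modulo n
    return v                        # a has reached 0 and b == 1, so v = k^-1

def step_profile(nonces, n=N):
    """Map each nonce to the classic algorithm's iteration count."""
    return {k: euclid_steps(k, n)[1] for k in nonces}

if __name__ == "__main__":
    # Constructed sample nonces, for illustration only.
    sample = [1, 2, 0xDEADBEEF, N - 1, N // 3]
    for k, steps in step_profile(sample).items():
        assert inv_fixed(k) * k % N == 1
        print(f"k bits={k.bit_length():3d}  classic steps={steps:3d}  "
              f"fixed steps={2 * N.bit_length()}")
```
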
