Abstract
We describe a parallel algorithm for modular exponentiation \(y \equiv x^{k} \bmod n\). Then we discuss timing attacks against an implementation of the proposed parallel algorithm for modular exponentiation. When we have two processors that perform modular exponentiation, an exponent \(k\) is scattered into two partial exponents \(k^{(0)}\) and \(k^{(1)}\), which are derived from \(k\) by a bitwise AND operation such that \(k^{(0)}=k \wedge(0101...01)_{2}\) and \(k^{(1)}=k \wedge(1010...10)_{2}\). Two partial modular exponentiations \(y_{0} \equiv x^{k^{(0)}} \bmod n\) and \(y_{1} \equiv x^{k^{(1)}} \bmod n\) are performed in parallel using two processors. Then we can obtain \(y\) by computing \(y \equiv y_{0}y_{1} \bmod n\). In general, the Hamming weights of \(k^{(0)}\) and \(k^{(1)}\) are smaller than that of \(k\). Thus fast computation of the modular exponentiation \(y \equiv x^{k} \bmod n\) can be achieved. Moreover, we show a timing attack against an implementation of this algorithm. We perform a software simulation of the attack and analyze the security of the parallel implementation.

Keywords: Parallel modular exponentiation; Montgomery multiplication; Side channel attack; Timing attack; RSA cryptosystems
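
The exponent scattering described in the abstract, as an added Python example (not code from the paper). It assumes a plain left-to-right square-and-multiply in place of the paper's Montgomery multiplication; the function names and the sample values in the test are constructed, and two threads stand in for the two processors.

```python
# Added illustration of the two-processor exponent split; all names are hypothetical.
from concurrent.futures import ThreadPoolExecutor


def split_exponent(k):
    """Scatter k into k0 = k AND (0101...01)_2 and k1 = k AND (1010...10)_2."""
    bits = max(k.bit_length(), 1)
    bits += bits % 2                      # pad to an even width
    mask0 = int("01" * (bits // 2), 2)    # (0101...01)_2
    mask1 = mask0 << 1                    # (1010...10)_2
    return k & mask0, k & mask1


def hamming_weight(k):
    return bin(k).count("1")


def modexp_counted(x, k, n):
    """Square-and-multiply; returns (x^k mod n, squarings, multiplications).

    The multiplication count equals the Hamming weight of k, so the running
    time of this loop depends on the exponent's bits. That dependence is the
    quantity a timing side channel measures.
    """
    y, squarings, multiplications = 1 % n, 0, 0
    for bit in bin(k)[2:]:
        y = y * y % n
        squarings += 1
        if bit == "1":
            y = y * x % n
            multiplications += 1
    return y, squarings, multiplications


def parallel_modexp(x, k, n):
    """Compute y = y0 * y1 mod n from the two partial exponentiations.

    Returns (y, (ops0, ops1)), where ops_i is the operation count on worker i.
    """
    k0, k1 = split_exponent(k)
    # The masks are disjoint and cover every bit, so k0 + k1 == k and
    # x^k0 * x^k1 == x^k (mod n).
    with ThreadPoolExecutor(max_workers=2) as pool:
        f0 = pool.submit(modexp_counted, x, k0, n)
        f1 = pool.submit(modexp_counted, x, k1, n)
        y0, s0, m0 = f0.result()
        y1, s1, m1 = f1.result()
    return y0 * y1 % n, (s0 + m0, s1 + m1)
```

For a random exponent each partial exponent carries about half the one-bits of \(k\), so each worker performs roughly half the multiplications, while the number of squarings per worker is unchanged.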