By Topic

Further Cryptanalysis of a CRT-RSA Algorithm at CCS 2003

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Ming Li ; Shandong Univ., Shandong ; Baodong Qin ; Fanyu Kong ; Daxing Li

At CCS 2003, Blomer, Otto, and Seifert proposed a new CRT-RSA signature algorithm, which was claimed to be secure against hardware fault attack. Unfortunately, one year later, Wagner presented a simple and practical fault attack on the so-called BOS algorithm. In this paper, we give a further cryptanalysis of the BOS algorithm and can completely break the security of it with a probability at least 25%. Compared to Wagner's attack, the new attack is much simpler and requires fewer faulty signatures. We further conclude that the BOS algorithm is not safe for use in its present form.

Published in:

Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on

Date of Conference:

18-21 Sept. 2007