1-4hit |
Sung-Ming YEN Wei-Chih LIEN Chien-Ning CHEN
Power analysis can be used to attack many implementations of cryptosystems, e.g., RSA and ECC, and the doubling attack is a collision based power analysis performed on two chosen ciphertexts. In this paper, we introduced a modified doubling attack to threaten RSA and ECC implementations by exploiting only one chosen ciphertext of small order. To attack the RSA implementations we selected an input of order two while to attack the ECC implementations we exploited one chosen invalid point of small order on a cryptographically weak curve rather than on the original curve. We showed that several existing power analysis countermeasures for RSA and ECC implementations are still vulnerable to the proposed attack. To prevent the proposed attack, we suggested countermeasures for RSA as well as for ECC.
Mohammad Mesbah UDDIN Yasunobu NOHARA Daisuke IKEDA Hiroto YASUURA
A multi-application smart card system consists of an issuer, service vendors and cardholders, where cardholders are recipients of smart cards (from the issuer) to be used in connection with applications offered by service vendors. Authentic post-issuance program modification is necessary for a multi-application smart card system because applications in the system are realized after the issuance of a smart card. In this paper, we propose a system where only authentic modification is possible. In the proposed system, the smart card issuer stores a unique long bitstring called PID in a smart card. The smart card is then given to the cardholder. A unique substring of the PID (subPID) is shared between the cardholder and a corresponding service vendor. Another subPID is shared between the issuer and the cardholder. During program modification, a protocol using the subPIDs, a one-way hash function and a pseudorandom number generator function verifies the identity of the parties and the authenticity of the program.
We propose a public-key primitive modulo pkq based on the RSA primitive. The decryption process of the proposed scheme is faster than those of two variants of PKCS #1 version 2.1, namely the RSA cryptosystem using Chinese remainder theorem (CRT) and the Multi-Prime RSA. The message M of the proposed scheme is decrypted from M mod pk and M mod q using the CRT, where we apply the Hensel lifting to calculate M mod pk from M mod p that requires only quadratic complexity
Shuichi ISHIDA Masahiro MIMURA Yoichi SETO
Smart cards and biometrics can be effectively combined for personal authentication over an open network. The combination is achieved as two-step authentication in which the smart card is authenticated based on a public key infrastructure, and the card holder is authenticated using the template stored in the smart card based on the biometric data. The biometric verification has to be executed in the card for security purposes. This paper describes a fingerprint verification method based on a popular biometric verification technique that can be embedded in a smart card. The prototype system that uses this verification method can verify fingerprints in a few seconds by using the data stored on the smart card.