Skip to Main content Skip to Navigation
Conference papers

ROSETTA for Single Trace Analysis

Abstract : In most efficient exponentiation implementations, recovering the secret exponent is equivalent to disclosing the sequence of squaring and multiplication operations. Some known attacks on the RSA exponentiation apply this strategy, but cannot be used against classical blinding countermeasures. In this paper, we propose new attacks distinguishing squaring from multiplications using a single side-channel trace. It makes our attacks more robust against blinding countermeasures than previous methods even if both exponent and message are randomized, whatever the quality and length of random masks. We demonstrate the efficiency of our new techniques using simulations in different noise configurations.
Document type :
Conference papers
Complete list of metadata
Contributor : Yolande Vieceli <>
Submitted on : Wednesday, January 16, 2013 - 11:48:51 AM
Last modification on : Friday, June 5, 2020 - 6:54:05 AM




Christophe Clavier, Benoit Feix, Georges Gagnerot, Christophe Giraud, Mylène Roussellet. ROSETTA for Single Trace Analysis. Indocrypt 2012, Dec 2012, Kolkata, India. pp.140-155, ⟨10.1007/978-3-642-34931-7_9⟩. ⟨hal-00776817⟩



Record views