A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is
We start by describing a realistic DSA signing procedure which tries to defeat fault attacks by employing an implicit verification of every signature made. Only correct signatures are returned from the procedure. We then show that, despite looking robust on a first glimpse, such a procedure cannot be regarded as being automatically resistant against fault attacks. We demonstrate this by showing a realistic fault attack that passes undetected by the procedure. Furthermore, it is even somehowfatcat:zca4hnw2mvepbkjqgfxuh6endm