Lattice-based Fault Attacks on DSA-Another Possible Strategy

Tomáš Rosa
We start by describing a realistic DSA signing procedure that tries to defeat fault attacks by employing an implicit verification of every signature made: only correctly verified signatures are returned from the procedure. We then show that, despite looking robust at first glance, such a procedure cannot be regarded as automatically resistant against fault attacks. We demonstrate this by showing a realistic fault attack that passes undetected by the procedure. Furthermore, the attack is in a sense even accelerated and hidden thanks to it. The attack described in this paper can also have a real use. We emphasize, however, that instead of breaking a concrete implementation of DSA, our effort was mainly made to deliver an existential proof that we should not rely solely on the paradigm of implicit verification when we design a defence against fault attacks.