Internet Archive Scholar

Using Bleichenbacher's solution to the hidden number problem to attack nonce leaks in 384-bit ECDSA: extended version

Elke De Mulder, Michael Hutter, Mark E. Marson, Peter Pearson
2014 Journal of Cryptographic Engineering  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (658.8 kB)
https://web.archive.org/web/20160627064704/http://mhutter.org/papers/Mulder2014UsingBleichenbachersSolution.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL. The file type is application/pdf.

In this paper we describe an attack against nonce leaks in 384-bit ECDSA using an FFT-based attack due to Bleichenbacher. The signatures were computed by a modern smart card. We extracted the loworder bits of each nonce using a template-based power analysis attack against the modular inversion of the nonce. We also developed a BKZ-based method for the range reduction phase of the attack, as it was impractical to collect enough signatures for the collision searches originally used by
more » ... er. We confirmed our attack by extracting the entire signing key using a 5-bit nonce leak from 4 000 signatures.
doi:10.1007/s13389-014-0072-z fatcat:tsxqox2iajagbptnzfivike2t4
Citation

Elke De Mulder, Michael Hutter, Mark E. Marson, Peter Pearson. "Using Bleichenbacher's solution to the hidden number problem to attack nonce leaks in 384-bit ECDSA: extended version." Journal of Cryptographic Engineering 4.1 (2014) 33-45