Fault Attacks Against EMV Signatures

Date Added: Oct 2009
Format: PDF

At CHES 2009, Coron, Joux, Kizhvatov, Naccache and Paillier (CJKNP) exhibited a fault attack against RSA signatures with partially known messages. This attack allows factoring the public modulus N. While the size of the Unknown Message Part (UMP) increases with the number of faulty signatures available, the complexity of cjknp's attack increases exponentially with the number of faulty signatures. This paper describes a simpler attack, whose complexity is polynomial in the number of faults; consequently, the new attack can handle much larger umps.