A Secure Algorithm for Inversion Modulo 2k

Sadiel de la Fe; Carles Ferrer

doi:10.3390/cryptography2030023

Cryptography (Sep 2018)

A Secure Algorithm for Inversion Modulo 2k

Sadiel de la Fe,
Carles Ferrer

Affiliations

Sadiel de la Fe: Department of Microelectronics and Electronic Systems, Universitat Autònoma de Barcelona, 08193 Barcelona, Spain
Carles Ferrer: Department of Microelectronics and Electronic Systems, Universitat Autònoma de Barcelona, 08193 Barcelona, Spain

DOI: https://doi.org/10.3390/cryptography2030023
Journal volume & issue: Vol. 2, no. 3
p. 23

Abstract

Read online

Modular inversions are widely employed in public key crypto-systems, and it is known that they imply a bottleneck due to the expensive computation. Recently, a new algorithm for inversions modulo p k was proposed, which may speed up the calculation of a modulus dependent quantity used in the Montgomery multiplication. The original algorithm lacks security countermeasures; thus, a straightforward implementation may expose the input. This is an issue if that input is a secret. In the RSA-CRT signature using Montgomery multiplication, the moduli are secrets (primes p and q). Therefore, the moduli dependent quantities related to p and q must be securely computed. This paper presents a security analysis of the novel method considering that it might be used to compute secrets. We demonstrate that a Side Channel Analysis leads to disclose the data being manipulated. In consequence, a secure variant for inversions modulo 2 k is proposed, through the application of two known countermeasures. In terms of performance, the secure variant is still comparable with the original one.

Published in Cryptography

ISSN: 2410-387X (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology
Website: http://www.mdpi.com/journal/cryptography

About the journal

Abstract

Keywords