Electronic communication of information has become commonplace. Today, sensitive information regarding individuals, businesses, and other entities, can be communicated electronically between devices. For example, computers, cellular phones, smart cards, and other electronic devices can be utilized to electronically communicate such information between users. Further, devices (e.g., smart cards) can be utilized to provide a digital signature or other authentication information that can reasonably identify a user of such devices and can provide certain information regarding the user and/or can enable the user to sign electronic documents (e.g., legal documents) in a secure manner.
With regard to the electronic communication of sensitive information, encryption/decryption techniques can be utilized to protect such information from being accessed by undesired persons (e.g., attackers, hackers). For example, public key encryption can be utilized to secure information electronically communicated between devices. When sending a message, an entity can utilize a public key, which can be published and made available to users, to encrypt the message data. The encrypted message can be sent to a recipient, who can utilize a private key, which can be known to the recipient but not others, so that the encrypted message data can be decrypted and the message can be perceived in a usable form. Conventional technology commonly utilizes Rivest, Shamir, and Adleman (“RSA”) cryptography to perform such public key encryption. Further, when public key encryption is implemented on embedded devices, conventional technology utilizes the Chinese Remainder Theorem (“CRT”) with RSA cryptography (“CRT RSA cryptography”) for signing or decryption operations (i.e., operations involving the private key).
However, undesired persons can take measures to attempt to learn or decrypt secure data and/or the private key that was used to encrypt the secure data. For example, attackers can attempt to collect side-channel information (e.g., power consumption information, electromagnetic information, or fault information) associated with a device when executing a cryptographic process in order to learn the private key or other security measures utilized to secure the data. Attacks using such side-channel information can include simple power analysis (“SPA”) attacks, differential power analysis (“DPA”) attacks, electromagnetic analysis (“EMA”) attacks, and differential fault analysis (“DFA”) attacks.
Specifically, an attacker can utilize DFA to attack CRT RSA cryptography implemented on an embedded device, provoking an abnormal computation and using a corrupted result to find a private key. Although conventional methods can be used to prevent such attacks, they are time consuming (e.g., by computing a digital signature multiple times) and can be ineffective (e.g., when an attacker provokes abnormal computations by injecting a common error during multiple device executions of the cryptographic process, or when a public exponent is unknown). Thus, conventional techniques are inadequate in preventing DFA attacks on CRT RSA cryptography implemented on embedded devices, allowing undesired persons to gain unauthorized and undesired access to a user's information. Such access can cause undesired financial hardship, emotional hardship, and/or other harm to the user.
It is therefore desirable to prevent DFA attacks on CRT RSA cryptography utilized to protect sensitive information communicated between electronic devices. Further, it is desirable that such countermeasures be manageable on electronic devices, including portable electronic devices (e.g., cellular phones, smart cards).