[Resource Topic] 2005/458: Seifert's RSA Fault Attack: Simplified Analysis and Generalizations

Welcome to the resource topic for 2005/458

Seifert’s RSA Fault Attack: Simplified Analysis and Generalizations

Authors: James A. Muir


Seifert recently described a new fault attack against an implementation of RSA signature verification. Here we give a simplified analysis of Seifert’s attack and gauge its practicality against RSA moduli of practical sizes. We suggest an improvement to Seifert’s attack which has the following consequences: if an adversary is able to cause random faults in only 4 bits of a 1024-bit RSA modulus stored in a device, then there is a greater than 50% chance that they will be able to make that device accept a signature on a message of their choice. For 2048-bit RSA, 6 bits suffice.

ePrint: https://eprint.iacr.org/2005/458

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .