Fault Analysis on RSA Signing
https://blog.trailofbits.com/2018/08/14/fault-analysis-on-rsa-signing/ [blog.trailofbits.com]
2018-08-15 03:51
This spring and summer, as an intern at Trail of Bits, I researched modeling fault attacks on RSA signatures. I looked at an optimization of RSA signing that uses the Chinese Remainder Theorem (CRT) and induced calculation faults that reveal private keys. I analyzed fault attacks at a low level rather than in a mathematical context. After analyzing both a toy program and the mbed TLS implementation of RSA, I identified bits in memory that leak private keys when flipped.
source: green