Correlation Analysis against Protected SFM Implementations of RSA

Since Kocher's first attacks in 1996, the field of side-channel analysis has widely developed, and new statistical tools have competed against new countermeasures to threaten cryptosystems. Among existing algorithms, RSA has always been a privileged target. It seems generally admitted that a combination of SPA protection such as regular exponentiation associated with blinding techniques such as randomization of the exponent and of the input message offers in practice sufficient protection against all known side-channel attacks. Indeed, known attacks either require building statistical information over several executions of the algorithm, which is countered by exponent randomization, or rely on partial SPA leakage, which implies an incorrect implementation of known countermeasures, or require specific internal knowledge of the implementation and hard-to-obtain experimental conditions, as for the recent horizontal correlation analysis of Clavier et al. [10]. In this paper, we show that it is possible to attack a state-of-the-art implementation of Straightforward Method (SFM) RSA. Our attack requires a small public exponent (no greater than 216 + 1) and a reasonable exponent blinding factor (no greater than 32 bits). It does not require additional internal knowledge of the implementation, neither does it have special experimental requirements. From a practical point of view, it thus compares with classical correlation analysis. We provide simulations of our attack demonstrating its efficiency, even in noisy scenarios. This shows that SFM implementations of RSA may be much more difficult to protect against side-channel attacks than CRT implementations.