Abstract

Brier et al (2006) showed how to attack RSA by induction of faults in public modulus n. We propose to use the same kind of technique to attack other asymmetric cryptographic schemes. The most interesting case in which we use a somewhat different approach is the attack on Elliptic Curves based signature protocol (namely ECDSA). Here we also take advantage of the short keys to offer a nontrivial practical attack that enables us to fully recover the private key. Different idea is used to attack Guillou-Quisquater authentication scheme (GQ). This demonstrates how the difference between schemes influences the details of the modulus corruption attacks. Special efforts were devoted to calculate the amount of corrupted data to perform the attack on each scheme. Various ways of protection against fault injection attacks on public key elements are discussed.