Comparative power analysis of modular exponentiation algorithms

Naofumi Homma, Atsushi Miyamoto, Takafumi Aoki, Akashi Satoh, Adi Samir

Research output: Contribution to journalArticlepeer-review

39 Citations (Scopus)


This paper proposes new chosen-message power-analysis attacks for public-key cryptosystems based on modular exponentiation, where specific input pairs are used to generate collisions between squaring operations at different locations in the two power traces. Unlike previous attacks of this kind, the new attack can be applied to all standard implementations of the exponentiation process, namely binary (left-to-right and right-to-left), m-ary, and sliding window methods. The proposed attack can also circumvent typical countermeasures, such as the Montgomery powering ladder and the double-add algorithm. The effectiveness of the attack is demonstrated in experiments with hardware and software implementations of RSA on an FPGA and a PowerPC processor, respectively. In addition to the new collision generation methods, a highly accurate waveform matching technique is introduced for detecting the collisions even when the recorded signals are noisy and there is a certain amount of clock jitter.

Original languageEnglish
Article number5342411
Pages (from-to)795-807
Number of pages13
JournalIEEE Transactions on Computers
Issue number6
Publication statusPublished - 2010


  • Modular exponentiation
  • Power-analysis attacks
  • RSA
  • Side-channel attacks
  • Waveform matching

ASJC Scopus subject areas

  • Software
  • Theoretical Computer Science
  • Hardware and Architecture
  • Computational Theory and Mathematics


Dive into the research topics of 'Comparative power analysis of modular exponentiation algorithms'. Together they form a unique fingerprint.

Cite this