## CryptoDB

### Paper: Seifert's RSA Fault Attack: Simplified Analysis and Generalizations

Authors: James A. Muir URL: http://eprint.iacr.org/2005/458 Search ePrint Search Google Seifert recently described a new fault attack against an implementation of RSA signature verification. Here we give a simplified analysis of Seifert's attack and gauge its practicality against RSA moduli of practical sizes. We suggest an improvement to Seifert's attack which has the following consequences: if an adversary is able to cause random faults in only 4 bits of a 1024-bit RSA modulus stored in a device, then there is a greater than 50% chance that they will be able to make that device accept a signature on a message of their choice. For 2048-bit RSA, 6 bits suffice.
##### BibTeX
@misc{eprint-2005-12791,
title={Seifert's RSA Fault Attack:  Simplified Analysis and Generalizations},
booktitle={IACR Eprint archive},
keywords={implementation / RSA, fault analysis},
url={http://eprint.iacr.org/2005/458},
note={ jamuir@scs.carleton.ca 13133 received 15 Dec 2005},
author={James A. Muir},
year=2005
}