International Association for Cryptologic Research


IACR News item: 22 October 2014

Werner Schindler
ePrint Report
The references \cite{Schi00,BrBo03,AcSK05} treat timing attacks on RSA with CRT and Montgomery's multiplication algorithm in unprotected implementations.

It has been widely believed that exponent blinding would prevent any timing attack on RSA.

At the cost of significantly more timing measurements, this paper extends the aforementioned attacks to RSA with CRT, Montgomery's multiplication algorithm and exponent blinding.

Simulation experiments are conducted, which confirm the theoretical results. Effective countermeasures exist.


Additional news items may be found on the IACR news page.