摘要 |
PROBLEM TO BE SOLVED: To solve the following problem: the conventional method for blocking the attack of simple power analysis by adding dummy multiplication to eliminate the differences in existence of multiplication by the bit of a power value of a private key (d) cannot block an attack (a BigMac attack) wherein the multipliers in a dummy multiplication and in a non-dummy multiplication are analyzed. SOLUTION: An exponentiation arithmetic unit comprises an input/output section, a private key storing section, a counter storing section, a counter initializing section, a counter updating section, a first counter judging section, a second counter judging section, a bit judging section, a multiplication section, a squaring section, an intermediate value storing section, a multiplier storing section, a random number storing section, a multiplier initializing section, a multiplier updating section, a randomness removing section, and a random number updating section. By updating the multiplier while raising it, distinction between a dummy multiplication and a non-dummy multiplication is made difficult. Thus, a BigMac attack can be blocked. COPYRIGHT: (C)2008,JPO&INPIT
|