Integrity verification of cryptographic key pairs

Abstract

Method of integrity verification of public and private cryptographic key pairs in the additive group of integers modulo n, with n being the product of two prime numbers p and q, the method including the following steps: of computation (201), on the basis of the number n, of a public exponent e of the public key, and of a private exponent d of the private key, of two candidate factors p and q corresponding respectively to the numbers p and q, of verification (206) so as to verify the consistency of the private exponent with respect to the public exponent and to the number n, the verification step involving the candidate factors.

Claims

1. A method, performed by a processor of a cryptographic system, of cryptographically processing a message, using encryption and/or digital signature mechanisms based on public and private cryptographic key pairs in the additive group of integers modulo n, with n being the product of two prime numbers p and q, the method comprising: verifying the integrity of the public and private cryptographic key pairs; and encrypting and/or digitally signing the message using the public and private cryptographic key pairs, wherein the step of verifying of the integrity of the public and private cryptographic key pairs comprises the steps of computing, on the basis of said number n, a public exponent e of said public key, and of a private exponent d of said private key, of two candidate factors p and q corresponding respectively to the numbers p and q, and verifying a consistency of said private exponent with respect to said public exponent and to said number n, said verification step involving said candidate factors.

2. The method according to claim 1, wherein said verification step pertains to the product of the public exponent e and of said private exponent d.

3. The method according to claim 2, wherein during said verification step, it is verified whether the product of the public exponent e and of said private exponent d is congruent to 1 modulo (n), the least common multiple between (p1) and (q1).

4. The method according to claim 2, wherein during said verification step, it is verified whether the product of the public exponent e and of said private exponent d is congruent to 1 modulo the product (p1).Math.(q1).

5. The method according to claim 1, wherein said verification step pertains to the least common multiple (n) between (p1) and (q1).

6. The method according to claim 5, wherein during said verification step, the least common multiple (n) between (p1) and (q1) is compared with the least common multiple (n) between (p1) and (q1).

7. The method according to claim 5, wherein during said verification step, it is verified whether: the least common multiple (n) between (p1) and (q1) is congruent to 0 modulo (p1), and the least common multiple (n) between (p1) and (q1) is congruent to 0 modulo (q1).

8. The method according to claim 1, wherein said candidate factors are computed by a probabilistic factorization algorithm.

9. A computer program encoded on a non-transitory computer-readable medium, comprising instructions that, upon being loaded and executed by a processor of a cryptography device, causes the cryptography device to implement the method according to claim 1.

10. A cryptographic device comprising a microprocessor configured to implement the method according to claim 1.

11. The cryptographic device according to claim 10, wherein the cryptographic device is portable.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

(1) Other advantages, aims and characteristics of the present invention emerge from the detailed description which follows, given by way of nonlimiting example, in regard to the appended drawings in which:

(2) FIG. 1 illustrates a method of testing integrity of generation of keys;

(3) FIG. 2 illustrates a method of verifying integrity of keys;

(4) FIG. 3 schematically illustrates a device according to embodiments.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

(5) Hereinafter, embodiments are described. However, in a prefatory manner, there is described a method of testing integrity of generation of cryptographic key pairs. This test method can be used for cryptographic keys used in encryption and/or digital signature mechanisms. Thus, this method can be used even before knowing the subsequent use of the generated key pair.

(6) It is assumed that a public cryptographic key (e, n) and a private cryptographic key (d, n) are generated such that: n=p.Math.q, with p and q being prime numbers, 1<e<(n) and e and (n) are mutually prime (gcd(e, (n))=1), with (n)=(p1).Math.(q1) ( being the Euler indicator function, or totient as it is termed), and d.Math.e=1 mod (n), (n) being the least common multiple between p1 and q1 ((n)=lcm(p1, q1)).

(7) Thereafter, as illustrated by FIG. 1, during a first step 100 a message m (m belonging to Z.sub.n, the additive group of integers modulo n), is encrypted with the public exponent e so as to obtain a first encrypted message c=m.sup.e mod n. Thereafter, during step 102, the encrypted message c is decrypted with the private key d so as to obtain a decrypted message m=c.sup.d mod n.

(8) It is thereafter verified, during a step 103, whether the initial message m and the decrypted message are the same (m=m). If this is not the case (NOK), it is determined during step 104 that the key pair generated is corrupted. If on the other hand the initial message m and the decrypted message are the same (OK), the decrypted message m is encrypted, during a step 105, with the public exponent e so as to obtain a second encrypted message c=(m).sup.e mod n.

(9) It is thereafter verified, during a step 106, whether the first encrypted message c and the second encrypted message c are the same (c=c). If such is the case (OK), it is determined during step 107 that the integrity test is successful. Otherwise (NOK), it is determined, during step 108, that the key pair generated is corrupted.

(10) Certain corrupted key pairs may successfully pass the integrity tests such as that described hereinabove or other tests of the prior art.

(11) For example, if, instead of generating the private exponent d, there is generated a number d such that: d.Math.e=1 mod (n)/, 1, divides (n),
it may happen that for some messages, the key pair with the numbers d and e passes the test successfully whereas an error has occurred in the private exponent d.

(12) In addition to being a source of errors for a cryptographic system using the keys, this may be a source of attacks by malicious third parties.

(13) For example, the number d may be generated by error if the computation of the least common multiple of p1 and q1 (which must normally give (n)) is marred by an error. The number d may be computed by implementing Euclid's algorithm. The integers a and b are computed so that e.Math.a+b.Math.(n)/=1 (Bezout relation). The number d is then obtained as d=a mod (n)/. Under these conditions, we do indeed have d.Math.e=1 mod (n)/.

(14) By causing the determination of the number d instead of the number d, an attacker can thus retrieve one of the secret factors (p and q) of the number n such that n=p.Math.q.

(15) Indeed, let us assume that the integer a divides the number

(16) $\frac{\left(q-1\right)}{\gcd \left(p-1,q-1\right)}$
without however dividing the number

(17) $\frac{\left(p-1\right)}{\gcd \left(p-1,q-1\right)},$
then, denoting by t the number such that

(18) $t=\frac{\left(q-1\right)}{.Math.\gcd \left(p-1,q-1\right)},$
we obtain d=e.sup.1 mod t.Math.(p1).

(19) Thus, the private exponent is the inverse of the public exponent in the ring Z.sub.p-1 instead of the ring Z.sub.(n). For a random message m, we then have:
(m.sup.d).sup.e=m mod n,
but we also have
(m.sup.d).sup.e=m mod p.

(20) A multiple of the factor p can thus be obtained as (m.sup.d).sup.em mod n.

(21) An attacker can thus perturb the generation of keys and request the signature of random messages. For certain messages m, the signature s obtained is such that gcd(s.sup.em,n) gives a factor of n.

(22) Let us assume that the least common multiple of p1 and q1 is computed as follows,

(23) $\left(n\right)=\frac{\left(p-1\right).Math.\left(q-1\right)}{\gcd \left(p-1,q-1\right)},$
with gcd(p1, q1) being the greatest common divisor of p1 and q1. If the computation of this greatest common divisor gives . gcd(p1, q1) (the product of times gcd(p1, q1)) instead of gcd(p1, q1), then d is computed instead of computing d.

(24) The inventors have noted that the integrity tests currently used might not detect certain errors when generating pairs of keys, especially during attacks such as mentioned hereinabove.

(25) An attacker can cause errors in the computation of the private exponent by side channel observation of the operation of the device implementing the key generation and then by physical attack of the device so as to perturb this operation. The attacker may for example use lasers to perturb the device or else perturb the latter's electrical power supply.

(26) By way of illustration, if an error a (such as mentioned hereinabove) is introduced so that the number a divides the value k.Math.(n)/ (k being an integer), and that the number d is determined in place of the number d such that d.Math.e=1+k.Math.(n)/ then an integrity test, such as for example defined in FIPS standard 140-2, executed on a message m of order s does not make it possible to detect the error if s divides k.Math.(n)/ whereas it does make it possible to detect it if s does not divide k.Math.(n)/. It is recalled that the order s of the message m in the additive group is the number of times that it is necessary to add together the message m to obtain 1.

(27) Indeed, let e, p and q be RSA parameters with n=p.Math.q. if d=e.sup.1 mod (n)/ is the erroneous exponent, the correct exponent being d=e.sup.1 mod (n), if d is different from d then m Z.sub.n* such that (m.sup.e).sup.dm mod n. Moreover, if m Z.sub.n* we have (m.sup.e).sup.d=m mod n then d=d. The proof of this is possible but is not presented here for the sake of conciseness.

(28) Hereinafter, there is described a method making it possible to render the integrity tests sensitive to errors of this type. The integrity tests may be implemented during or after the generation of the keys.

(29) With reference to FIG. 2, there is described a method of testing integrity of cryptographic key pairs which can be implemented when the prime numbers p and q on the basis of which the keys are generated are not known.

(30) During a first step 200, a counter i is initialized to the value 1. Thereafter, a probabilistic factorization algorithm is implemented during a step 201. This algorithm makes it possible, on the basis of n (n=p.Math.q), of the public exponent e of the public key and of d the private exponent of the private key of which it is sought to know whether or not it is erroneous, to retrieve the prime factors p and q of n.

(31) Once step 201 has been executed, it is determined during a step 202 whether it has made it possible to retrieve the numbers p and q.

(32) If the execution of step 201 has not made it possible to determine these numbers (NOK), it is verified whether the counter i has reached the value M during step 203. The value M is a maximum number of times that the algorithm of step 201 should be executed. If the number M is reached (OK), it is determined during a step 204 that the pair of keys is corrupted. If on the contrary (NOK), the value M is not yet reached, step 201 is executed a new time.

(33) Returning to step 202, if in step 201, it has been possible to determine the numbers p and q (OK), a step 205 is implemented during which the least common multiple (n) of the numbers p1 and q1 is computed ((n)=(p1).Math.(q1)).

(34) Thereafter, it is tested during a step 206, whether the product e.Math.d is congruent to 1 modulo (n) (e.Math.d=1 mod (n)). If such is the case (OK), it is determined during step 207 that the pair of keys is not corrupted. Otherwise (NOK), the process goes back to step 204.

(35) Alternatively, or in combination, there can be undertaken the comparison between (n) and (n) to verify that (n)=(n).

(36) Alternatively, or in combination, it can moreover be verified whether (n) mod p1 and (n) mod q1 are both equal to 0.

(37) In these alternatives, the value (n), computed on the basis of p and q is kept in memory and then read for the verifications.

(38) Also alternatively, or in combination, the values p and q may be used to verify that e.Math.d=1 mod (p1).Math.(q1).

(39) The search for the factors p and q of n may have a computational cost of the order of O(u.Math.log.sup.3(n)), typically for a probabilistic factorization algorithm. The probability of finding a factor of n after u trials is greater than or equal to 12.sup.u. Thus, after ten trials, the probability of factorization is greater than or equal to 99.9%.

(40) Once the factorization has been performed, the cost of the test of step 406 is dominated by the cost of computing the greatest common divisor implemented to compute the least common multiple (it is recalled that lcm(p1; q1)=(p1).Math.(q1)/gcd(p1, q1)).

(41) Thus, the total cost of the method is of the order of O(log.sup.3(n))+O(log.sup.3(n))=O(log.sup.3(n)) for a probability of detection of greater than or equal to 99.9%. For its part, the cost of a conventional verification method is of the order of O(log.sup.3(n)) for a probability of detection of the order of 50% (experimental data).

(42) FIG. 3 schematically illustrates a device according to embodiments.

(43) The device 30 of FIG. 3 comprises a memory unit 31 (MEM). This memory unit comprises a random-access memory for storing, in a non-enduring manner, computation data used during the implementation of a method in accordance with the invention, according to diverse embodiments. The memory unit moreover comprises a nonvolatile memory (for example of the EEPROM type) for storing for example a computer program, according to an embodiment, for its execution by a processor (not represented) of a processing unit 31 (PROC) of the device.

(44) The device moreover comprises a communication unit 33 (COM), for example for exchanging data with another device in accordance with embodiments. Data exchanges between devices may be realized according to the APDU protocol, the initials standing for Application Protocol Data Unit, such as defined in ISO standard 7816 part 4.

(45) The communication unit can thus comprise an input/output interface able to exchange according to this protocol. The data exchanged may be realized by APDU commands and responses to commands of this type.

(46) A device according to embodiments may be in accordance with the standard ISO7816. It may for example be a chip card or a secure element.

(47) A device according to embodiments is for example an integrated circuit.

(48) The present invention has been described and illustrated in the present detailed description with reference to the attached figures. However, the present invention is not limited to the embodiments presented. Other variants, embodiments and combinations of characteristics may be deduced and implemented by the person skilled in the art on reading the present description and appended figures.

(49) In the claims, the term comprise does not exclude other elements or other steps. The indefinite article a does not exclude the plural. A single processor or several other units may be used to implement the invention. The various characteristics presented and/or claimed may advantageously be combined. Their presence in the description or in different dependent claims does not in fact exclude the possibility of combining them. The reference signs should not be understood as limiting the scope of the invention.