Abstract: The object of former RSA fault attack is the software ran in hardware, such as smartcard. In order to research on fault attack against software implementation of RSA, the software implementation algorithm of Chinese Remain Theorem(CRT) is analyzed, the fault attack algorithm against OpenSSL’s implementation of RSA is proposed. It proposes an advanced attack scheme which only needs once faulty signature. Simulation results show that the proposed algorithm has feasibility to break the RSA’s signature key, and some countermeasures are presented to defend this kind of attack.

Key words: fault attack, RSA, Chinese Remainder Theorem(CRT), digital signature

摘要： 原有的RSA故障攻击针对的都是运行在智能卡等硬件上的算法，为研究针对RSA软件实现方式的故障攻击，剖析中国剩余定理软件实现算法，提出针对OpenSSL密码库的RSA算法软件实现的故障攻击算法，给出一种只需要一次错误签名的改进攻击方案。通过仿真实验验证算法的可行性，并给出抵御此类攻击的有效措施。

关键词: 故障攻击, RSA算法, 中国剩余定理, 数字签名

CLC Number: 

• TN918