rsaDpBlinded
fn
BigInt rsaDpBlinded(RSAPrivateKey key, BigInt c, Random random)RSA decryption primitive with blinding for side-channel resistance.
This function applies multiplicative blinding before the private key operation to prevent timing attacks. The blinding factor randomizes the input, making timing measurements useless to an attacker.
Blinding Process:- Generate random blinding factor r, where 1 < r < n and gcd(r, n) = 1
- Compute blinded ciphertext: c' = c * r^e mod n
- Compute blinded message: m' = (c')^d mod n
- Remove blinding: m = m' * r^(-1) mod n
Parameters
key | RSA private key. |
c | Ciphertext representative (0 <= c < n). |
random | Random number generator for blinding factor. |
Returns
Message representative m = c^d mod n.
Throws
CryptoException if c is out of range or random generation fails.