Date: 20 Sep 2001

Randomized Addition-Subtraction Chains as a Countermeasure against Power Attacks


Power Analysis attacks on elliptic curve cryptosystems and various countermeasures against them, have been first discussed by Coron ([6]). All proposed countermeasures are based on the randomization or blinding of the inputparameters of the binary algorithm. We propose a countermeasure that randomizes the binary algorithm itself. Our algorithm needs approximately 9% more additions than the ordinary binary algorithm, but makes power analysis attacks really difficult.