Randomized Addition-Subtraction Chains as a Countermeasure against Power Attacks

  • Elisabeth Oswald
  • Manfred Aigner
Conference paper

DOI: 10.1007/3-540-44709-1_5

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2162)
Cite this paper as:
Oswald E., Aigner M. (2001) Randomized Addition-Subtraction Chains as a Countermeasure against Power Attacks. In: Koç Ç.K., Naccache D., Paar C. (eds) Cryptographic Hardware and Embedded Systems — CHES 2001. CHES 2001. Lecture Notes in Computer Science, vol 2162. Springer, Berlin, Heidelberg


Power Analysis attacks on elliptic curve cryptosystems and various countermeasures against them, have been first discussed by Coron ([6]). All proposed countermeasures are based on the randomization or blinding of the inputparameters of the binary algorithm. We propose a countermeasure that randomizes the binary algorithm itself. Our algorithm needs approximately 9% more additions than the ordinary binary algorithm, but makes power analysis attacks really difficult.


Power Analysis Elliptic Curve Cryptosystems 
Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Elisabeth Oswald
    • 1
  • Manfred Aigner
    • 1
  1. 1.Institute for Applied Information Processing and CommunicationsGraz University of TechnologyGrazAustria

Personalised recommendations