International Conference on the Theory and Applications of Cryptographic Techniques

EUROCRYPT 2004: Advances in Cryptology - EUROCRYPT 2004 pp 257-267

Projective Coordinates Leak

  • David Naccache
  • Nigel P. Smart
  • Jacques Stern
Conference paper

DOI: 10.1007/978-3-540-24676-3_16

Volume 3027 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Naccache D., Smart N.P., Stern J. (2004) Projective Coordinates Leak. In: Cachin C., Camenisch J.L. (eds) Advances in Cryptology - EUROCRYPT 2004. EUROCRYPT 2004. Lecture Notes in Computer Science, vol 3027. Springer, Berlin, Heidelberg

Abstract

Denoting by P=[k]G the elliptic-curve double-and-add multiplication of a public base point G by a secret k, we show that allowing an adversary access to the projective representation of P, obtained using a particular double and add method, may result in information being revealed about k.

Such access might be granted to an adversary by a poor software implementation that does not erase the Z coordinate of P from the computer’s memory or by a computationally-constrained secure token that sub-contracts the affine conversion of P to the external world.

From a wider perspective, our result proves that the choice of representation of elliptic curve points can reveal information about their underlying discrete logarithms, hence casting potential doubt on the appropriateness of blindly modelling elliptic-curves as generic groups.

As a conclusion, our result underlines the necessity to sanitize Z after the affine conversion or, alternatively, randomize P before releasing it out.
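The two countermeasures named in the conclusion, as an added example that is not code from the paper or its authors: a left-to-right double-and-add in Jacobian coordinates whose raw Z is a fixed function of the operations performed, followed by affine-only output (Z dropped) and by rescaling with a random λ before release. The curve is secp256k1 with its public standard parameters; the function names and the choice of Jacobian formulas are assumptions of this sketch, which covers 1 <= k < n only.

```python
import secrets

# secp256k1 public domain parameters: y^2 = x^3 + 7 over F_P (a = 0).
P = 2**256 - 2**32 - 977
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
G = (GX, GY, 1)  # Jacobian triple: x = X/Z^2, y = Y/Z^3

def dbl(pt):
    X, Y, Z = pt
    S = 4 * X * Y * Y % P
    M = 3 * X * X % P                      # a = 0, so no a*Z^4 term
    X3 = (M * M - 2 * S) % P
    Y3 = (M * (S - X3) - 8 * pow(Y, 4, P)) % P
    return X3, Y3, 2 * Y * Z % P

def add(p1, p2):
    (X1, Y1, Z1), (X2, Y2, Z2) = p1, p2
    U1, U2 = X1 * Z2 * Z2 % P, X2 * Z1 * Z1 % P
    S1, S2 = Y1 * pow(Z2, 3, P) % P, Y2 * pow(Z1, 3, P) % P
    H, R = (U2 - U1) % P, (S2 - S1) % P
    if H == 0:  # equal or opposite inputs; cannot occur for 1 <= k < n below
        raise ValueError("exceptional case outside this example's scope")
    X3 = (R * R - H**3 - 2 * U1 * H * H) % P
    Y3 = (R * (U1 * H * H - X3) - S1 * H**3) % P
    return X3, Y3, H * Z1 * Z2 % P

def scalar_mult(k):
    """Left-to-right double-and-add; returns the raw Jacobian triple of [k]G."""
    acc = G
    for bit in bin(k)[3:]:                 # bits after the leading 1
        acc = dbl(acc)
        if bit == "1":
            acc = add(acc, G)
    return acc

def to_affine(pt):
    """Sanitized output: only (x, y) is returned, Z never leaves."""
    X, Y, Z = pt
    zi = pow(Z, -1, P)
    return X * zi * zi % P, Y * pow(zi, 3, P) % P

def randomize(pt):
    """Rescale by a random nonzero lam: same affine point, fresh Z."""
    X, Y, Z = pt
    lam = secrets.randbelow(P - 1) + 1
    return X * lam * lam % P, Y * pow(lam, 3, P) % P, Z * lam % P
```

A device that must hand the affine conversion to an external party would release `randomize(scalar_mult(k))`; one that converts internally would release only `to_affine(scalar_mult(k))`.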


Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • David Naccache (1)
  • Nigel P. Smart (2)
  • Jacques Stern (3)

  1. Gemplus Card International, Applied Research & Security Centre, Issy-les-Moulineaux, France
  2. Department of Computer Science, University of Bristol, Bristol, United Kingdom
  3. École Normale Supérieure, Département d’Informatique, Paris 05, France