Universal Exponentiation Algorithm A First Step towards Provable SPA-Resistance

  • Christophe Clavier
  • Marc Joye
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2162)


Very few countermeasures are known to protect an exponentiation against simple side-channel analyses. Moreover, all of them are heuristic.

This paper presents a universal exponentiation algorithm. By tying the exponent to a corresponding addition chain, our algorithm can virtually execute any exponentiation method.

Our aim is to transfer the security of the exponentiation method being implemented to the exponent itself. As a result, we hopefully tend to reconcile the provable security notions of modern cryptography with real-world implementations of exponentiation-based cryptosystems.


Implementation exponentiation RSA cryptosystem discrete logarithm side-channel attacks simple power analysis (SPAaddition chains provable security smart-cards 


  1. 1.
    Mihir Bellare, Anand Desai, David Pointcheval, and Phillip Rogaway. Relations among notions of security for public-key encryption schemes. Full paper (30 pages), February 1999. An extended abstract appears in H. Krawczyk, ed., Advances in Cryptology-CRYPTO’ 98, volume 1462 of Lecture Notes in Computer Science, pages 26–45, Springer-Verlag, 1998.CrossRefGoogle Scholar
  2. 2.
    Mihir Bellare and Phillip Rogaway. Random oracles are practical: A paradigm for designing efficient protocols. In First ACM Conference on Computer and Communications Security, pages 62–73. ACM Press, 1993.Google Scholar
  3. 3.
    Mihir Bellare and Phillip Rogaway. Optimal asymmetric encryption. In A. De Santis, editor, Advances in Cryptology-EUROCRYPT’ 94, volume 950 of Lecture Notes in Computer Science, pages 92–111. Springer-Verlag, 1995.CrossRefGoogle Scholar
  4. 4.
    F. Bergeron, J. Berstel, S. Brlek, and C. Duboc. Addition chains using continued fractions. Journal of Algorithms, 10(3):403–412, September 1989.Google Scholar
  5. 5.
    Suresh Chari, Charanjit S. Jutla, Josyula R. Rao, and Pankaj Rohatgi. Towards sound approaches to counteract power-analysis attacks. In M. Wiener, editor, Advances in Cryptology-CRYPTO’ 99, volume 1666 of Lecture Notes in Computer Science, pages 398–412. Springer-Verlag, 1999.Google Scholar
  6. 6.
    Oded Goldreich. On the foundations of modern cryptography. In B. Kaliski, editor, Advances in Cryptology-CRYPTO’ 97, volume 1294 of Lecture Notes in Computer Science, pages 46–74. Springer-Verlag, 1997.CrossRefGoogle Scholar
  7. 7.
    Shafi Goldwasser and Silvio Micali. Probabilistic encryption. Journal of Computer and System Sciences, 28:270–299, 1984.MathSciNetzbMATHCrossRefGoogle Scholar
  8. 8.
    Donald E. Knuth. The art of computer programming/Seminumerical algorithms, volume 2. Addison-Wesley, 2nd edition, 1981.Google Scholar
  9. 9.
    Paul Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In N. Koblitz, editor, Advances in Cryptology-CRYPTO’ 96, volume 1109 of Lecture Notes in Computer Science, pages 104–113. Springer-Verlag, 1996.Google Scholar
  10. 10.
    Paul Kocher. Secure modular exponentiation with leak minimization for smart cards and other cryptosystems. International patent WO 99/67909, March 1998.Google Scholar
  11. 11.
    Paul Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. In M. Wiener, editor, Advances in Cryptology-CRYPTO’ 99, volume 1666 of Lecture Notes in Computer Science, pages 388–397. Springer-Verlag, 1999.Google Scholar
  12. 12.
    Colin D. Walter. Exponentiation using division chains. IEEE Transactions on Computers, 47(7):757–765, July 1998.Google Scholar
  13. 13.
    Yacov Yacobi. Exponentiating faster with addition chains. In Advances in Cryptology — EUROCRYPT’ 90, volume 473 of Lecture Notes in Computer Science, pages 222–229. Springer-Verlag, 1991.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Christophe Clavier
    • 1
  • Marc Joye
    • 1
  1. 1.Card Security GroupGemplus Card InternationalGémenosFrance

Personalised recommendations