Protections against Differential Analysis for Elliptic Curve Cryptography — An Algebraic Approach —

  • Marc Joye
  • Christophe Tymen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2162)


We propose several new methods to protect the scalar multiplication on an elliptic curve against Differential Analysis. The basic idea consists in transforming the curve through various random morphisms to provide a non-deterministic execution of the algorithm.

The solutions we suggest complement and improve the state-of-the-art, but also provide a practical toolbox of efficient countermeasures. These should suit most of the needs for protecting implementations of crypto-algorithms based on elliptic curves.


Public-key cryptography Side-channel attacks Differential power analysis (DPA) Timing attacks Elliptic curves Smart-cards 


  1. 1.
    IEEE Std 1363-2000. IEEE Standard Specifications for Public-Key Cryptography. IEEE Computer Society, August 29, 2000.Google Scholar
  2. 2.
    D.V. Chudnovsky and G.V. Chudnovsky. Sequences of numbers generated by addition in formal groups and new primality and factorization tests. Advances in Applied Math., 7:385–434, 1986/7.MathSciNetzbMATHCrossRefGoogle Scholar
  3. 3.
    Henri Cohen. A Course in Computational Algebraic Number Theory. Number 138 in Graduate Texts in Mathematics. Springer-Verlag, 1993.Google Scholar
  4. 4.
    Henri Cohen, Atsuko Miyaji, and Takatoshi Ono. Efficient elliptic curve exponentiation using mixed coordinates. In K. Ohta and D. Pei, editors, Advances in Cryptology-ASIACRYPT’ 98, volume 1514 of Lecture Notes in Computer Science, pages 51–65. Springer-Verlag, 1998.Google Scholar
  5. 5.
    Jean-Sébastien Coron. Resistance against differential power analysis for elliptic curve cryptosystems. In Ç.K. Koç and C. Paar, editors, Cryptographic Hardware and Embedded Systems (CHES’ 99), volume 1717 of Lecture Notes in Computer Science, pages 292–302. Springer-Verlag, 1999.CrossRefGoogle Scholar
  6. 6.
    Daniel M. Gordon. A survey on fast exponentiation methods. Journal of Algorithms, 27:129–146, 1998.MathSciNetzbMATHCrossRefGoogle Scholar
  7. 7.
    M. Anwar Hasan. Power analysis attacks and algorithmic approaches to their countermeasures for Koblitz curve cryptosystems. In Ç.K. Koç and C. Paar, editors, Cryptographic Hardware and Embedded Systems-CHES 2000, volume 1965 of Lecture Notes in Computer Science, pages 93–108. Springer-Verlag, 2000.CrossRefGoogle Scholar
  8. 8.
    Neal Koblitz. CM-curves with good cryptographic protocols. In J. Feigenbaum, editor, Advances in Cryptology-CRYPTO’ 91, volume 576 of Lecture Notes in Computer Science, pages 279–287. Springer-Verlag, 1992.Google Scholar
  9. 9.
    Paul Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. In M. Wiener, editor, Advances in Cryptology-CRYPTO’ 99, volume 1666 of Lecture Notes in Computer Science, pages 388–397. Springer-Verlag, 1999.Google Scholar
  10. 10.
    Paul C. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In N. Koblitz, editor, Advances in Cryptology-CRYPTO’ 96, volume 1109 of Lecture Notes in Computer Science, pages 104–113. Springer-Verlag, 1996.Google Scholar
  11. 11.
    W. Meier and O. Staffelbach. Efficient multiplication on certain non-supersingular elliptic curves. In E.F. Brickell, editor, Advances in Cryptology-CRYPTO’ 92, volume 740 of Lecture Notes in Computer Science, pages 333–344. Springer-Verlag, 1993.Google Scholar
  12. 12.
    Alfred J. Menezes. Elliptic Curve Public Key Cryptosystems. Kluwer Academic Publishers, 1993.Google Scholar
  13. 13.
    Atsuko Miyaji, Takatoshi Ono, and Henri Cohen. Efficient elliptic curve exponentiation. In Y. Han, T. Okamoto, and S. Qing, editors, Information and Communications Security (ICICS’ 97), volume 1334 of Lecture Notes in Computer Science, pages 282–290. Springer-Verlag, 1997.CrossRefGoogle Scholar
  14. 14.
    Jerome A. Solinas. An improved algorithm for arithmetic on a family of elliptic curves. In B. Kaliski, editor, Advances in Cryptology-CRYPTO’ 97, volume 1294 of Lecture Notes in Computer Science, pages 357–371. Springer-Verlag, 1997.CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Marc Joye
    • 1
  • Christophe Tymen
    • 2
  1. 1.Card Security GroupGemplus Card InternationalGémenosFrance
  2. 2.Ecole Normale SupérieureParisFrance

Personalised recommendations