Randomized Addition-Subtraction Chains as a Countermeasure against Power Attacks

  • Elisabeth Oswald
  • Manfred Aigner
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2162)

Abstract

Power analysis attacks on elliptic curve cryptosystems, and various countermeasures against them, were first discussed by Coron [6]. All proposed countermeasures are based on randomizing or blinding the input parameters of the binary algorithm. We propose a countermeasure that randomizes the binary algorithm itself. Our algorithm needs approximately 9% more additions than the ordinary binary algorithm, but makes power analysis attacks much more difficult.
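The following illustration is added here and is not the paper's own algorithm or code. It shows the idea behind randomizing the binary algorithm itself: the scalar k is recoded into a signed-digit string {-1, 0, +1} in which every odd step draws its digit at random, so the addition-subtraction chain, and hence the sequence of doublings, additions and subtractions visible to a simple power analysis, differs from one execution to the next while the result stays k*g. The group is a constructed stand-in (integers modulo a prime under addition) rather than an elliptic curve, the modulus, scalar and generator are constructed values, and the uniform random choice is a simplification whose overhead will not match the 9% figure reported in the abstract.

```python
import random

# Constructed stand-in for the elliptic-curve group: integers modulo a prime
# under addition. The countermeasure concerns only the *sequence* of group
# operations (doublings, additions, subtractions), so any abelian group shows it.
P = 2**127 - 1          # constructed modulus, chosen here; not from the paper

def add(a, b):
    return (a + b) % P

def neg(a):
    return (-a) % P

def dbl(a):
    return (2 * a) % P

def random_signed_digits(k, rng=random):
    """Least-significant-first digits d_i in {-1, 0, 1} with sum(d_i * 2**i) == k.

    Whenever k is odd the digit is drawn at random from {+1, -1}, so the
    addition-subtraction chain differs from one execution to the next.
    This is a simplified randomized recoding, not the paper's algorithm.
    """
    assert k >= 1
    digits = []
    while k > 0:
        if k % 2 == 0:
            d = 0
        elif k == 1:
            d = 1               # forced: -1 here gives (1 + 1) // 2 == 1 and never terminates
        else:
            d = rng.choice((1, -1))
        digits.append(d)
        k = (k - d) // 2        # exact division: k - d is even in every branch
    return digits

def run_chain(digits_msb_first, g):
    """Left-to-right evaluation of a signed-digit string whose leading digit is 1.

    Returns the group element k*g and the operation trace ('D' doubling,
    'A' addition of g, 'S' subtraction of g), i.e. what an SPA trace would expose.
    """
    assert digits_msb_first[0] == 1
    acc, trace, minus_g = g, [], neg(g)
    for d in digits_msb_first[1:]:
        acc = dbl(acc)
        trace.append('D')
        if d == 1:
            acc = add(acc, g)
            trace.append('A')
        elif d == -1:
            acc = add(acc, minus_g)
            trace.append('S')
    return acc, trace

def binary_scalar_mult(k, g):
    """Ordinary double-and-add: the trace is a fixed function of k."""
    return run_chain([int(b) for b in bin(k)[2:]], g)

def randomized_scalar_mult(k, g, rng=random):
    """Same result as binary_scalar_mult, but computed over a randomized chain."""
    return run_chain(list(reversed(random_signed_digits(k, rng))), g)

def count_ops(trace):
    """(doublings, additions-or-subtractions) in a trace."""
    return trace.count('D'), trace.count('A') + trace.count('S')

class FixedChoice:
    """Stand-in rng that always picks the same digit; used only to show two
    deterministic chains for one scalar. Not needed in real use."""
    def __init__(self, d):
        self.d = d
    def choice(self, seq):
        return self.d

if __name__ == "__main__":
    k, g = 45, 123456789              # constructed scalar and generator
    ref, ref_trace = binary_scalar_mult(k, g)
    print("binary  :", ''.join(ref_trace), count_ops(ref_trace))
    for seed in range(3):
        res, trace = randomized_scalar_mult(k, g, random.Random(seed))
        assert res == ref == (k * g) % P
        print(f"seed {seed}  :", ''.join(trace), count_ops(trace))
```

Running the script prints one fixed D/A trace for the binary algorithm and a different D/A/S trace for each seed, all yielding the same group element. The forced digit at k == 1 is the one edge case the random choice must not touch, otherwise the recoding loops forever.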

Keywords

Power analysis, elliptic curve cryptosystems

References

  1. E. Biham, A. Shamir. Power Analysis of the Key Scheduling of the AES Candidates. Second AES Candidate Conference, Rome, March 1999, pp. 115–121.
  2. S. Chari, Ch. Jutla, J. Rao, P. Rohatgi. A Cautionary Note Regarding Evaluation of AES Candidates on Smart-Cards. Second AES Candidate Conference, Rome, March 22–23, 1999, pp. 133–147.
  3. S. Chari, Ch. Jutla, J. Rao, P. Rohatgi. Towards Sound Approaches to Counteract Power-Analysis Attacks. Proceedings of Advances in Cryptology, CRYPTO '99, Lecture Notes in Computer Science, vol. 1666, Springer, 1999, pp. 398–412.
  4. C. Clavier, J.-S. Coron, N. Dabbous. Differential Power Analysis in the Presence of Hardware Countermeasures. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 2000), Lecture Notes in Computer Science, vol. 1965, Springer, 2000, pp. 252–263.
  5. I. Blake, G. Seroussi, N. Smart. Elliptic Curves in Cryptography. London Mathematical Society Lecture Note Series 265, Cambridge University Press.
  6. J.-S. Coron. Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 1999), Lecture Notes in Computer Science, vol. 1717, Springer, 1999, pp. 292–302.
  7. J.-S. Coron, L. Goubin. On Boolean and Arithmetic Masking against Differential Power Analysis. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 2000), Lecture Notes in Computer Science, vol. 1965, Springer, 2000, pp. 231–237.
  8. J.-S. Coron, P. Kocher, D. Naccache. Statistics and Secret Leakage. To appear in Proceedings of Financial Cryptography, Springer-Verlag, February 2000.
  9. P. Fahn, P. Pearson. IPA: A New Class of Power Attacks. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 1999), Lecture Notes in Computer Science, vol. 1717, Springer, 1999.
  10. D. M. Gordon. A Survey of Fast Exponentiation Methods. J. Algorithms 27, pp. 129–146, 1998.
  11. L. Goubin, J. Patarin. DES and Differential Power Analysis. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 1999), Lecture Notes in Computer Science, vol. 1717, Springer, 1999, pp. 158–172.
  12. M. A. Hasan. Power Analysis Attacks and Algorithmic Approaches to Their Countermeasures for Koblitz Cryptosystems. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 2000), Lecture Notes in Computer Science, vol. 1965, Springer, 2000, pp. 93–108.
  13. K. F. Ireland, M. Rosen. A Classical Introduction to Modern Number Theory. Graduate Texts in Mathematics, vol. 84, Springer-Verlag, fifth printing, 1998.
  14. D. E. Knuth. Seminumerical Algorithms. The Art of Computer Programming, vol. II, Addison-Wesley.
  15. N. Koblitz. Elliptic Curve Cryptosystems. Mathematics of Computation, vol. 48, 1987, pp. 203–209.
  16. P. Kocher, J. Jaffe, B. Jun. Differential Power Analysis. Proceedings of Advances in Cryptology, CRYPTO '99, Springer, 1999, pp. 388–397.
  17. R. Mayer-Sommer. Smartly Analyzing the Simplicity and the Power of Simple Power Analysis on Smartcards. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 2000), Lecture Notes in Computer Science, vol. 1965, Springer, 2000, pp. 78–92.
  18. A. J. Menezes. Elliptic Curve Public Key Cryptosystems. Kluwer Academic Publishers, 1993.
  19. T. S. Messerges, E. A. Dabbish, R. H. Sloan. Investigations of Power Analysis Attacks on Smartcards. Proceedings of USENIX Workshop on Smartcard Technology, May 1999, pp. 151–161.
  20. T. S. Messerges, E. A. Dabbish, R. H. Sloan. Power Analysis Attacks of Modular Exponentiation in Smartcards. Workshop on Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, vol. 1717, Springer, 1999.
  21. T. S. Messerges. Using Second-Order Power Analysis to Attack DPA Resistant Software. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 2000), Lecture Notes in Computer Science, vol. 1965, Springer, 2000, pp. 238–251.
  22. A. Shamir. Protecting Smart Cards from Passive Power Analysis with Detached Power Supplies. Proceedings of Workshop on Cryptographic Hardware and Embedded Systems (CHES 2000), Lecture Notes in Computer Science, vol. 1965, Springer, 2000, pp. 71–77.
  23. F. Morain, J. Olivos. Speeding up the Computation on an Elliptic Curve Using Addition-Subtraction Chains. Inform. Theory Appl. 24 (1990), pp. 531–543.
  24. V. S. Miller. Use of Elliptic Curves in Cryptography. Proceedings of Crypto 85, Lecture Notes in Computer Science 218, Springer, 1986, pp. 417–426.
  25. N. Weste, K. Eshraghian. Principles of CMOS VLSI Design. Addison-Wesley Publishing Company, 1993.

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Elisabeth Oswald (1)
  • Manfred Aigner (1)

  1. Institute for Applied Information Processing and Communications, Graz University of Technology, Graz, Austria