The Jacobi Model of an Elliptic Curve and Side-Channel Analysis

  • Olivier Billet
  • Marc Joye
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2643)

Abstract

One way to prevent SPA-like attacks on elliptic curve systems is to use the same formula for both the doubling and the general addition of points on the curve. Various proposals have been made in this direction, with differing results. This paper re-investigates the Jacobi form suggested by Liardet and Smart (CHES 2001). Rather than considering the Jacobi form as the intersection of two quadrics, the addition law is derived directly from the underlying quartic. This leads to substantial memory savings and produces the fastest unified addition formula for curves whose order is a multiple of 2, such as those required for OK-ECDH or OK-ECDSA.

Keywords

elliptic curve cryptosystems; unified addition formula; side-channel analysis; SPA-like attacks; smart cards

References

  1. Key Agreement Scheme OK-ECDH. Hitachi Ltd., 2001.
  2. Digital Signature Scheme OK-ECDSA. Hitachi Ltd., 2001.
  3. Éric Brier and Marc Joye. Weierstraß elliptic curves and side-channel attacks. In D. Naccache, editor, Public Key Cryptography, volume 2274 of Lecture Notes in Computer Science, pages 335–345. Springer-Verlag, 2002.
  4. J.W.S. Cassels and E.V. Flynn. Prolegomena to a middlebrow arithmetic of curves of genus 2. Number 230 in London Mathematical Society, Lecture Notes Series. Cambridge Univ. Press, 2000.
  5. D.V. Chudnovsky and G.V. Chudnovsky. Sequences of numbers generated by addition in formal groups and new primality and factorization tests. Adv. Appl. Math., 7:385–434, 1986/87.
  6. Jean-Sébastien Coron. Resistance against differential power analysis for elliptic curve cryptosystems. In Ç.K. Koç and C. Paar, editors, Cryptographic Hardware and Embedded Systems (CHES '99), volume 1717 of Lecture Notes in Computer Science, pages 292–302. Springer-Verlag, 1999.
  7. Jun-ichi Igusa. On the transformation theory of elliptic functions. Amer. J. Math., 81:436–452, 1959.
  8. Marc Joye and Jean-Jacques Quisquater. Hessian elliptic curves and side-channel attacks. In Ç.K. Koç, D. Naccache, and C. Paar, editors, Cryptographic Hardware and Embedded Systems — CHES 2001, volume 2162 of Lecture Notes in Computer Science, pages 402–410. Springer-Verlag, 2001.
  9. Paul Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In N. Koblitz, editor, Advances in Cryptology — CRYPTO '96, volume 1109 of Lecture Notes in Computer Science, pages 104–113. Springer-Verlag, 1996.
  10. Paul Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. In M. Wiener, editor, Advances in Cryptology — CRYPTO '99, volume 1666 of Lecture Notes in Computer Science, pages 388–397. Springer-Verlag, 1999.
  11. Peter S. Landweber. Supersingular elliptic curves and congruences for Legendre polynomials. In P.S. Landweber, editor, Elliptic Curves and Modular Forms in Algebraic Topology, volume 1326 of Lecture Notes in Mathematics, Springer-Verlag, 1988.
  12. Pierre-Yvan Liardet and Nigel P. Smart. Preventing SPA/DPA in ECC systems using the Jacobi form. In Ç.K. Koç, D. Naccache, and C. Paar, editors, Cryptographic Hardware and Embedded Systems — CHES 2001, volume 2162 of Lecture Notes in Computer Science, pages 391–401. Springer-Verlag, 2001.
  13. J.R. Merriman, S. Siksek, and N.P. Smart. Explicit 4-descents on an elliptic curve. Acta Arith., 77(4):385–404, 1996.
  14. Joseph H. Silverman. The arithmetic of elliptic curves, volume 106 of Graduate Texts in Mathematics. Springer-Verlag, 1986.
  15. E.T. Whittaker and G.N. Watson. A course of modern analysis. Cambridge University Press, 4th edition, 1927.

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Olivier Billet (1, 2, 3)
  • Marc Joye (1)
  1. Card Security Group, Gemplus Card International, La Ciotat Cedex, France
  2. Télécom Paris (ENST), Paris Cedex 13, France
  3. Laboratoire Dieudonné, UNSA, Nice Cedex 02, France
