Template Attacks on ECDSA

  • Marcel Medwed
  • Elisabeth Oswald
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5379)

Abstract

Template attacks have been considered exclusively in the context of implementations of symmetric cryptographic algorithms on 8-bit devices. Within these scenarios, they have proven to be the most powerful attacks. In this article we investigate how template attacks can be applied to implementations of an asymmetric cryptographic algorithm on a 32-bit platform. The asymmetric cryptosystem under scrutiny is the elliptic curve digital signature algorithm (ECDSA). ECDSA is particularly suitable for 32-bit platforms. In this article we show that even SPA resistant implementations of ECDSA on a typical 32-bit platform succumb to template-based SPA attacks. The only way to secure such implementations against template-based SPA attacks is to make them resistant against DPA attacks.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks – Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)MATHGoogle Scholar
  2. 2.
    Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13–28. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  3. 3.
    Rechberger, C., Oswald, E.: Practical template attacks. In: Lim, C.H., Yung, M. (eds.) WISA 2004. LNCS, vol. 3325, pp. 443–457. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Agrawal, D., Rao, J.R., Rohatgi, P., Schramm, K.: Templates as master keys. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 15–29. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  5. 5.
    Archambeau, C., Peeters, E., Standaert, F.-X., Quisquater, J.-J.: Template attacks in principal subspaces. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 1–14. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  6. 6.
    Gebotys, C.H., Ho, S., Tiu, C.C.: EM Analysis of Rijndael and ECC on a Wireless Java-Based PDA. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 250–264. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    National Institute of Standards and Technology (NIST): FIPS-186-2: Digital Signature Standard (DSS) (2000), http://www.itl.nist.gov/fipspubs/
  8. 8.
    Nguyen, P.Q., Shparlinski, I.E.: The Insecurity of the Elliptic Curve Digital Signature Algorithm with Partially Known Nonces. Design, Codes and Cryptography 30, 201–217 (2003)MathSciNetCrossRefMATHGoogle Scholar
  9. 9.
    Coron, J.S.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  10. 10.
    Joye, M.: V, Defences Against Side-Channel Analysis. In: Advances In Elliptic Curve Cryptography. London Mathematical Society Lecture Note Series, vol. 317, pp. 87–100. Cambridge University Press, Cambridge (2005)CrossRefGoogle Scholar
  11. 11.
    Demuth, M.: Lattice attacks on ECDSA. Master’s thesis, Graz University of Technology (2006)Google Scholar
  12. 12.
    Jaffe, J.: Introduction to Differential Power Analysis. Presented at ECRYPT Summerschool on Cryptographic Hardware, Side Channel and Fault Analysis (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Marcel Medwed
    • 2
    • 3
  • Elisabeth Oswald
    • 1
    • 2
  1. 1.Computer Science DepartmentUniversity of BristolBristolUK
  2. 2.Institute for Applied Information Processing and CommunicationsGraz University of TechnologyGrazAustria
  3. 3.Secure Business Austria (SBA)ViennaAustria

Personalised recommendations