Resistance of Randomized Projective Coordinates Against Power Analysis

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3659)

Abstract

Embedded devices implementing cryptographic services are the result of a trade-off between cost, performance and security. Aside from flaws in the protocols and algorithms used, one of the most serious threats against secret data stored in such devices is side-channel analysis.

Implementing public key cryptography in low-profile devices such as smart cards is particularly challenging given the computational cost of the operations involved. In elliptic curve cryptography, some choices of curves and coefficient fields are known to speed up computations such as scalar multiplication. From a theoretical standpoint, the use of such optimized structures does not seem to weaken the cryptosystems built on them, and several standardization bodies, such as NIST, therefore recommend these parameter choices. However, their impact on the practical security of implementations may have been underestimated.

In this paper, we present a new chosen-ciphertext side-channel attack on scalar multiplication that applies when optimized parameters, such as the NIST curves, are used together with some classical anti-SPA and anti-DPA techniques. For a typical exponent size, the attack recovers the secret exponent from only a few hundred adaptive power measurements.
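The countermeasure named in the title, randomized projective coordinates (Coron, CHES 1999), rescales the projective representation of the input point by a fresh random factor so that every intermediate value of the scalar multiplication changes from run to run while the affine result does not. The example below is added here and is not code from the paper: it implements that countermeasure on NIST P-256 (the standard domain parameters, with the a = -3 doubling shortcut that is one of the "optimized parameters" the abstract refers to) on top of a Montgomery ladder as the anti-SPA technique. Function names and the sample scalar are this example's own. The page does not describe the paper's attack, so the code does not attempt it; it does include the one structural limit of the countermeasure that is a matter of arithmetic, namely that a coordinate equal to zero remains zero under any rescaling, which is the observation behind Goubin's refined power analysis (PKC 2003).

```python
"""Randomized Jacobian coordinates on NIST P-256 (added example, not the paper's code).

Implements Coron's projective-coordinate randomization over a Montgomery
ladder, using the a = -3 doubling shortcut of the NIST prime curves.
Curve constants are the standard P-256 parameters; everything else is
this example's own naming.
"""
import secrets

# NIST P-256 (secp256r1) domain parameters
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = P - 3                      # a = -3: the "optimized parameter" choice
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
INF = (1, 1, 0)                # point at infinity in Jacobian coordinates (Z = 0)


def on_curve(x, y):
    return (y * y - (x ** 3 + A * x + B)) % P == 0


def to_affine(X, Y, Z):
    """Jacobian (X, Y, Z) -> affine (X/Z^2, Y/Z^3); None for the point at infinity."""
    if Z == 0:
        return None
    zi = pow(Z, -1, P)
    return (X * zi * zi % P, Y * zi * zi * zi % P)


def randomize(X, Y, Z):
    """Coron's countermeasure: rescale the representation by a random lambda.

    (X, Y, Z) and (l^2 X, l^3 Y, l Z) are the same affine point, so intermediate
    projective values differ between runs. A coordinate that is 0 stays 0.
    """
    lam = 1 + secrets.randbelow(P - 1)          # lambda uniform in [1, P-1]
    return (lam * lam * X % P, lam * lam * lam * Y % P, lam * Z % P)


def jac_double(X1, Y1, Z1):
    """Doubling with the a = -3 shortcut M = 3(X - Z^2)(X + Z^2) = 3X^2 + aZ^4."""
    if Z1 == 0 or Y1 == 0:
        return INF
    ZZ = Z1 * Z1 % P
    M = 3 * (X1 - ZZ) * (X1 + ZZ) % P
    S = 4 * X1 * Y1 * Y1 % P
    X3 = (M * M - 2 * S) % P
    Y3 = (M * (S - X3) - 8 * pow(Y1, 4, P)) % P
    Z3 = 2 * Y1 * Z1 % P
    return (X3, Y3, Z3)


def jac_add(Q1, Q2):
    """General Jacobian addition; handles infinity, doubling and inverse inputs."""
    X1, Y1, Z1 = Q1
    X2, Y2, Z2 = Q2
    if Z1 == 0:
        return Q2
    if Z2 == 0:
        return Q1
    U1 = X1 * Z2 * Z2 % P
    U2 = X2 * Z1 * Z1 % P
    S1 = Y1 * pow(Z2, 3, P) % P
    S2 = Y2 * pow(Z1, 3, P) % P
    if U1 == U2:
        return jac_double(X1, Y1, Z1) if S1 == S2 else INF
    H = (U2 - U1) % P
    R = (S2 - S1) % P
    HH = H * H % P
    HHH = H * HH % P
    X3 = (R * R - HHH - 2 * U1 * HH) % P
    Y3 = (R * (U1 * HH - X3) - S1 * HHH) % P
    Z3 = H * Z1 * Z2 % P
    return (X3, Y3, Z3)


def scalar_mult(k, pt, randomized=True):
    """k * pt by a Montgomery ladder (anti-SPA) over Jacobian coordinates.

    With randomized=True the input point is rescaled by a random lambda before
    the ladder starts. Returns (affine result, final projective Z) so a caller
    can see that the representation changes between runs while the point does not.
    """
    x, y = pt
    R1 = randomize(x, y, 1) if randomized else (x, y, 1)
    R0 = INF
    for i in range(k.bit_length() - 1, -1, -1):   # invariant: R1 = R0 + pt
        if (k >> i) & 1:
            R0 = jac_add(R0, R1)
            R1 = jac_double(*R1)
        else:
            R1 = jac_add(R0, R1)
            R0 = jac_double(*R0)
    return to_affine(*R0), R0[2]


def point_with_zero_x():
    """Return (0, sqrt(B)) if that point lies on P-256, else None.

    P = 3 (mod 4), so a square root of B, when one exists, is B^((P+1)/4).
    Such a point keeps X = 0 under randomize(): rescaling cannot mask a zero.
    """
    y = pow(B, (P + 1) // 4, P)
    return (0, y) if on_curve(0, y) else None


if __name__ == "__main__":
    k = 0x1234                                   # constructed sample scalar
    (aff1, z1) = scalar_mult(k, (GX, GY))
    (aff2, z2) = scalar_mult(k, (GX, GY))
    print("same affine result:", aff1 == aff2, "| same projective Z:", z1 == z2)
```

Two runs with the same scalar yield the same affine point but different projective intermediates, which is what defeats a DPA hypothesis on those intermediates; `point_with_zero_x` shows the kind of input for which that protection does not apply, since a zero coordinate is invariant under rescaling regardless of the random factor.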

Keywords

Elliptic Curve, Smart Card, Scalar Multiplication, Secret Data
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

DCSSI Crypto Lab, Paris 07 SP