Unified Point Addition Formulæ and Side-Channel Attacks

  • Douglas Stebila
  • Nicolas Thériault
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4249)


The successful application to elliptic curve cryptography of side-channel attacks, in which information about the secret key can be recovered from the observation of side channels like power consumption, timing, or electromagnetic emissions, has motivated the recent development of unified formulæ for elliptic curve point operations. In this paper, we show how an attack introduced by Walter can be improved and used against the unified formulæ of Brier, Déchène and Joye when it relies on a standard field arithmetic implementation, both in affine and projective coordinates. We also describe how the field arithmetic might be implemented to obtain more uniform operations that avoid this type of attack.


elliptic-curve cryptography side-channel attacks unified point addition formulæ projective coordinates 


  1. 1.
    Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation 48, 203–209 (1987)MATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Miller, V.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  3. 3.
    Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)Google Scholar
  4. 4.
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)Google Scholar
  5. 5.
    Agrawal, D., Archambeault, B., Rao, J.R., Rohatgi, P.: The EM Side-Channel(s). In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 29–45. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Coron, J.S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  7. 7.
    Montgomery, P.L.: Modular multiplication without trial division. Mathematics of Computation 44, 519–521 (1985)MATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Brier, É., Joye, M.: Weierstraß elliptic curves and side-channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335–345. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
    Walter, C.D.: Simple power analysis of unified code for ECC double and add. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 191–204. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    Izu, T., Takagi, T.: On the Security of Brier-Joye’s Addition Formula for Weierstrass-form Elliptic Curves Technical Report, Technische Universität Darmstadt, Available online:
  11. 11.
    Brier, É., Déchène, I., Joye, M.: Unified point addition formulæ for elliptic curve cryptosystems. In: Nedjah, N., de Macedo Mourelle, L. (eds.) Embedded Cryptographic Hardware: Methodologies and Architectures, pp. 247–256. Nova Science Publishers (2004)Google Scholar
  12. 12.
    Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, Heidelberg (2004)MATHGoogle Scholar
  13. 13.
    National Institute of Standards and Technology: Recommended elliptic curves for federal government use (1999), Available online:
  14. 14.
    OpenSSL Project: OpenSSL v0.9.8, Available online (2005),
  15. 15.
    Mozilla Foundation: Netscape Security Services (NSS) v3.9 (2005), Available online:
  16. 16.
    Certicom Research: SEC 2: Recommended elliptic curve domain parameters (2000), Available online:
  17. 17.
    Hankerson, D., Hernandez, J.L., Menezes, A.: Software implementation of elliptic curve cryptography over binary fields. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 1–24. Springer, Heidelberg (2000)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Douglas Stebila
    • 1
  • Nicolas Thériault
    • 2
  1. 1.Institute for Quantum ComputingUniversity of WaterlooWaterlooCanada
  2. 2.Department of Combinatorics and OptimizationUniversity of WaterlooWaterlooCanada

Personalised recommendations