Abstract
Recent attacks show how an unskilled implementation of elliptic curve cryptosystems may reveal the involved secrets from a single execution of the algorithm. Most attacks exploit the property that addition and doubling on elliptic curves are different operations and so can be distinguished from side-channel analysis. Known countermeasures suggest to add dummy operations or to use specific parameterizations. This is at the expense of running time or interoperability.
This paper shows how to rewrite the addition on the general Weierstraß form of elliptic curves so that the same formulæ apply equally to add two different points or to double a point. It also shows how to generalize to the Weierstraß form a protection method previously applied to a specific form of elliptic curves due to Montgomery.
The two proposed methods offer generic solutions for preventing sidechannel attacks. In particular, they apply to all the elliptic curves recommended by the standards.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Christophe Clavier and Marc Joye. Universal exponentiation algorithm: A first step towards provable SPA-resistance. In Ç.K. Koç, D. Naccache, and C. Paar, editors, Cryptographic Hardware and Embedded Systems-CHES 2001, volume 2162 of Lecture Notes in Computer Science, pages 305–314. Springer-Verlag, 2001.
Jean-Sébastien Coron. Resistance against differential power analysis for elliptic curve cryptosystems. In Ç.K. Koç and C. Paar, editors, Cryptographic Hardware and Embedded Systems (CHES’ 99), volume 1717 of Lecture Notes in Computer Science, pages 292–302. Springer-Verlag, 1999.
Erik De Win, Serge Mister, Bart Preneel, and Michael Wiener. On the performance of signature schemes based on elliptic curves. In J.-P. Buhler, editor, Algorithmic Number Theory Symposium, volume 1423 of Lecture Notes in Computer Science, pages 252–266. Springer-Verlag, 1998.
Marc Joye and Jean-Jacques Quisquater. Hessian elliptic curves and sidechannel attacks. In Ç.K. Koç, D. Naccache, and C. Paar, editors, Cryptographic Hardware and Embedded Systems-CHES 2001, volume 2162 of Lecture Notes in Computer Science, pages 412–420. Springer-Verlag, 2001.
Marc Joye and Christophe Tymen. Protections against differential analysis for elliptic curve cryptography: an algebraic approach. In Ç.K. Koç, D. Naccache, and C. Paar, editors, Cryptographic Hardware and Embedded Systems-CHES 2001, volume 2162 of Lecture Notes in Computer Science, pages 386–400. Springer-Verlag, 2001.
Paul Kocher, Joshua Jaffe, and Benjamin Jun. Differential power analysis. In M. Wiener, editor, Advances in Cryptology-CRYPTO’99, volume 1666 of Lecture Notes in Computer Science, pages 388–397. Springer-Verlag, 1999.
Donald E. Knuth. The art of computer programming, v. 2. Seminumerical algorithms. Addison-Welsley, 2nd edition, 1981.
Paul Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In N. Koblitz, editor, Advances in Cryptology —CRYPTO’96, volume 1109 of Lecture Notes in Computer Science, pages 104–113. Springer-Verlag, 1996.
Julio López and Ricardo Dahab. Fast multiplication on elliptic curves over GF(2m) without precomputation. In Ç.K. Koç and C. Paar, editors, Cryptographic Hardware and Embedded Systems, volume 1717 of Lecture Notes in Computer Science, pages 316–327. Springer-Verlag, 1999.
Pierre-Yvan Liardet and Nigel P. Smart. Preventing SPA/DPA in ECC systems using the Jacobi form. In Ç.K. Koç, D. Naccache, and C. Paar, editors, Cryptographic Hardware and Embedded Systems-CHES 2001, volume 2162 of Lecture Notes in Computer Science, pages 401–411. Springer-Verlag, 2001.
François Morain and Jorge Olivos. Speeding up the computations on an elliptic curve using addition-subtraction chains. Theoretical Informatics and Applications, 24:531–543, 1990.
Bodo Möller. Securing elliptic curve point multiplication against sidechannel attacks. In G.I. Davida and Y. Frankel, editors, Information Security, volume 2200 of Lecture Notes in Computer Science, pages 324–334. Springer-Verlag, 2001.
Peter L. Montgomery. Speeding the Pollard and elliptic curve methods of factorization. Mathematics of Computation, 48(177):243–264, January 1987.
National Institute of Standards and Technology (NIST). Digital signature standard (DSS). FIPS PUB 186-2, 2000.
Katsuyuki Okeya and Kouichi Sakurai. Power analysis breaks elliptic curve cryptosystems even secure against the timing attack. In B. Roy and E. Okamoto, editors, Progress in Cryptology — INDOCRYPT2000, volume 1977 of Lecture Notes in Computer Science, pages 178–190. Springer-Verlag, 2000.
Certicom Research. Standards for efficient cryptography. Version 1.0, 2000. Available at url http://www.secg.org/.
Joseph H. Silverman. The arithmetic of elliptic curves, volume 106 of Graduate Texts in Mathematics. Springer-Verlag, 1986.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Brier, É., Joye, M. (2002). Weierstraß Elliptic Curves and Side-Channel Attacks. In: Naccache, D., Paillier, P. (eds) Public Key Cryptography. PKC 2002. Lecture Notes in Computer Science, vol 2274. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45664-3_24
Download citation
DOI: https://doi.org/10.1007/3-540-45664-3_24
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-43168-8
Online ISBN: 978-3-540-45664-3
eBook Packages: Springer Book Archive