Side-Channel Analysis on Blinded Regular Scalar Multiplications

  • Benoit Feix
  • Mylène Roussellet
  • Alexandre Venelli
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8885)

Abstract

We present a new side-channel attack path threatening state-of-the-art protected implementations of elliptic curves embedded scalar multiplications. Regular algorithms such as the double-and-add-always and the Montgomery ladder are commonly used to protect the scalar multiplication from simple side-channel analysis. Combining such algorithms with scalar and/or point blinding countermeasures lead to scalar multiplications protected from all known attacks. Scalar randomization, which consists in adding a random multiple of the group order to the scalar value, is a popular countermeasure due to its efficiency. Amongst the several curves defined for usage in elliptic curves products, the most used are those standardized by the NIST. As observed in several previous publications, the modulus, hence the orders, of these curves are sparse, primarily for efficiency reasons. In this paper, we take advantage of this specificity to present new attack paths which combine vertical and horizontal side-channel attacks to recover the entire secret scalar in state-of-the-art protected elliptic curve implementations.

Keywords

Elliptic crves Scalar multiplication Side-channel analysis Correlation analysis 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Benoit Feix
    • 1
  • Mylène Roussellet
    • 2
  • Alexandre Venelli
    • 3
  1. 1.UL Security TransactionsUK Security LabBasingstokeUK
  2. 2.GemaltoLa CiotatFrance
  3. 3.Thalès Communications and SecurityToulouseFrance

Personalised recommendations