
Failure of the Point Blinding Countermeasure Against Fault Attack in Pairing-Based Cryptography

  • Conference paper
Codes, Cryptology, and Information Security (C2SI 2015)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9084)

Abstract

Pairings are mathematical tools that have proven very useful in the construction of many cryptographic protocols. Some of these protocols are suitable for implementation on power-constrained devices such as smart cards or smartphones, which are exposed to side channel attacks. In this paper, we analyse the effectiveness of the point blinding countermeasure in pairing-based cryptography against side channel attacks. In particular, we show that this countermeasure does not protect Miller's algorithm for pairing computation against fault attacks. We then give recommendations for a secure implementation of a pairing-based protocol using Miller's algorithm.

This work was supported in part by the French ANR-12-INSE-0014 SIMPATIC Project. The second author is supported by The Simons Foundations through Pole of Research in Mathematics with applications to Information Security, Subsaharan Africa.




Author information

Corresponding author: Nadia El Mrabet.


Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

El Mrabet, N., Fouotsa, E. (2015). Failure of the Point Blinding Countermeasure Against Fault Attack in Pairing-Based Cryptography. In: El Hajji, S., Nitaj, A., Carlet, C., Souidi, E. (eds) Codes, Cryptology, and Information Security. C2SI 2015. Lecture Notes in Computer Science, vol 9084. Springer, Cham. https://doi.org/10.1007/978-3-319-18681-8_21


  • DOI: https://doi.org/10.1007/978-3-319-18681-8_21

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-18680-1

  • Online ISBN: 978-3-319-18681-8
