Digit Set Randomization in Elliptic Curve Cryptography

  • Conference paper
Stochastic Algorithms: Foundations and Applications (SAGA 2007)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4665)

Abstract

We introduce a new approach for randomizing the digit sets of binary integer representations used in elliptic curve cryptography, and present a formal analysis of the sparsity of such representations. The motivation is to improve the sparseness of integer representations and to provide a tool for defense against side channel attacks. Existing alternative digit sets D such as D = {0, 1, −1} require a certain non-adjacency property (no two successive digits are non-zero) in order to attain the desired level of sparseness. Our digit sets do not rely on the non-adjacency property, which in any case is only possible for a certain very restricted class of digit sets, but nevertheless achieve better sparsity. For example, we construct a large explicit family of digit sets for which the resulting integer representations consist on average of 74% zeros, which is an improvement over the 67% sparsity available using non-adjacent form representations. Our proof of the sparsity result is novel and is dramatically simpler than the existing analyses of non-adjacent form representations available in the literature, in addition to being more general. We conclude with some performance comparisons and an analysis of the resilience of our implementation against side channel attacks under an attack model called the open representation model. We emphasize that our side channel analysis remains preliminary and that our attack model represents only a first step in devising a formal framework for assessing the security of randomized representations as a side channel attack countermeasure.
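The abstract's baseline is the non-adjacent form (NAF) over the digit set D = {0, 1, −1}, and its 67% figure is the average fraction of zero digits in that representation. The following example is added here to make that baseline concrete; it is not code from the paper, and it does not reproduce the authors' 74%-sparse digit set family, whose construction is not given on this page. It recodes a scalar into NAF with the standard right-to-left rule, checks the value round-trips and the non-adjacency property holds, and measures the average zero fraction of plain binary versus NAF over randomly sampled 256-bit scalars (constructed with a fixed seed). The recoding is deterministic: the same scalar always yields the same digit pattern, which is exactly the regularity that randomized representations, as the abstract describes, are meant to remove from the side channel.

```python
"""Added example (not from the paper): NAF recoding over D = {0, 1, -1},
the non-adjacency check, and an empirical sparsity measurement.
"""
import random


def to_naf(k: int) -> list[int]:
    """Return the non-adjacent form of k >= 0, least-significant digit first.

    Standard right-to-left recoding: when k is odd, choose the digit
    d in {1, -1} with d == k (mod 4), so that (k - d) is divisible by 4 and
    the next digit is forced to be 0.  This is what guarantees that no two
    adjacent digits are both non-zero.
    """
    if k < 0:
        raise ValueError("k must be non-negative")
    digits = []
    while k > 0:
        if k & 1:
            d = 2 - (k % 4)  # k == 1 (mod 4) -> 1 ; k == 3 (mod 4) -> -1
            k -= d
        else:
            d = 0
        digits.append(d)
        k >>= 1
    return digits


def from_digits(digits: list[int]) -> int:
    """Evaluate a little-endian signed-digit representation in radix 2."""
    return sum(d << i for i, d in enumerate(digits))


def is_non_adjacent(digits: list[int]) -> bool:
    """True if no two consecutive digits are both non-zero."""
    return all(not (a and b) for a, b in zip(digits, digits[1:]))


def zero_fraction(digits: list[int]) -> float:
    """Fraction of digits equal to zero (the paper's notion of sparsity)."""
    return digits.count(0) / len(digits) if digits else 1.0


def average_sparsity(bits: int = 256, samples: int = 2000,
                     seed: int = 1) -> tuple[float, float]:
    """Mean zero fraction of plain binary vs NAF over random `bits`-bit scalars.

    Sample scalars are constructed with a fixed seed so the run is repeatable.
    Expected: about 0.50 for binary and about 0.67 for NAF (the 67% figure).
    """
    rng = random.Random(seed)
    bin_total = naf_total = 0.0
    for _ in range(samples):
        k = rng.getrandbits(bits) | (1 << (bits - 1))  # force full length
        binary = [(k >> i) & 1 for i in range(k.bit_length())]
        naf = to_naf(k)
        # Sanity checks on every sample: value preserved, property holds.
        assert from_digits(naf) == k and is_non_adjacent(naf)
        bin_total += zero_fraction(binary)
        naf_total += zero_fraction(naf)
    return bin_total / samples, naf_total / samples


if __name__ == "__main__":
    for k in (3, 7, 15, 0b101101):
        naf = to_naf(k)
        print(f"{k:>4} = {k:b}  NAF (msb first): {list(reversed(naf))}")
    b, n = average_sparsity()
    print(f"average zeros: binary {b:.3f}, NAF {n:.3f}")
```

Running the block prints a few small recodings (for instance 7 = 0b111 becomes 1, 0, 0, −1, i.e. 8 − 1) followed by the two averages, which land near 0.50 and 0.67 respectively; the gap between those two numbers is the saving in point additions that a signed-digit scalar multiplication buys over the plain double-and-add ladder.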

Editor information

Juraj Hromkovič, Richard Královič, Marc Nunkesser, Peter Widmayer

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

Cite this paper

Jao, D., Raju, S.R., Venkatesan, R. (2007). Digit Set Randomization in Elliptic Curve Cryptography. In: Hromkovič, J., Královič, R., Nunkesser, M., Widmayer, P. (eds) Stochastic Algorithms: Foundations and Applications. SAGA 2007. Lecture Notes in Computer Science, vol 4665. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74871-7_10

  • DOI: https://doi.org/10.1007/978-3-540-74871-7_10

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74870-0

  • Online ISBN: 978-3-540-74871-7
