Abstract
Isogenies were first used in elliptic curve cryptosystems to improve the efficiency of point-counting methods. Recently, Smart proposed a countermeasure based on isogenies for resisting the refined differential power analysis by Goubin (Goubin's attack). In this paper, we examine the isogeny countermeasure against the zero-value point (ZVP) attack, which is a generalization of Goubin's attack. We show that some curves require an isogeny of higher degree to prevent the ZVP attack. Moreover, we prove that this countermeasure cannot transform a certain class of curves into an efficient curve that is secure against the ZVP attack. This class consists of curves whose order is odd and whose base field F_p satisfies (-3/p) = -1 for the Legendre symbol; it includes three SECG curves. In addition, we compare several efficient algorithms that are secure against both Goubin's attack and the ZVP attack, and present the most efficient method of computing the scalar multiplication for each SECG curve. Finally, we discuss a further improvement for efficient scalar multiplication, namely the use of a point (0,y) as the base point in the curve parameters. We obtain an improvement of about 11% for the double-and-add-always method when a point (0,y) exists on the underlying curve or on a curve isogenous to it.
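The three curve conditions the abstract turns on (existence of a point (0,y), existence of a point (x,0), and membership in the class with odd order and (-3/p) = -1) can be screened directly from the domain parameters. The following is an added example, not code from the paper: the helper names and the three toy curves over F_5 and F_7 are constructed here (orders counted by hand), and secp256k1's public SECG parameters are included only as a real-size input, not as one of the curves the abstract places in the class.

```python
# Added example: screen y^2 = x^3 + a*x + b over F_p (group order n) for the
# zero-value-point conditions discussed in the abstract. Names are this
# example's own; they are not from the paper.

def legendre(a: int, p: int) -> int:
    """Legendre symbol (a | p) for an odd prime p, by Euler's criterion."""
    a %= p
    if a == 0:
        return 0
    return -1 if pow(a, (p - 1) // 2, p) == p - 1 else 1

def has_point_x_zero(p: int, b: int) -> bool:
    """(0, y) lies on the curve iff b is a square mod p (since y^2 = b).
    This is the zero-value point Goubin's attack uses, and the same point
    the abstract proposes as a base point when it exists."""
    return legendre(b, p) != -1

def has_point_y_zero(n: int) -> bool:
    """(x, 0) is a point of order 2, so one exists iff the order n is even."""
    return n % 2 == 0

def in_untransferable_class(p: int, n: int) -> bool:
    """The class the abstract proves no isogeny can move to an efficient
    ZVP-secure curve: odd group order and Legendre symbol (-3 | p) = -1."""
    return n % 2 == 1 and legendre(-3, p) == -1

def screen(p: int, a: int, b: int, n: int) -> dict:
    """Run all checks; the discriminant test rejects singular curves."""
    if (4 * a**3 + 27 * b**2) % p == 0:
        raise ValueError("singular curve")
    return {
        "goubin_point_0y": has_point_x_zero(p, b),
        "goubin_point_x0": has_point_y_zero(n),
        "untransferable_class": in_untransferable_class(p, n),
    }

# Constructed toy curves (p, a, b, n); orders counted by hand for this example.
TOY_CURVES = {
    "F5: y^2=x^3+x+1": (5, 1, 1, 9),  # p = 2 mod 3, odd order -> in the class
    "F5: y^2=x^3+x+2": (5, 1, 2, 4),  # even order: has (x,0); b=2 is no square
    "F7: y^2=x^3+2":   (7, 0, 2, 9),  # (-3|7) = +1, so outside the class
}
# Public SECG parameters of secp256k1, used here only as a real-size input.
SECP256K1 = (2**256 - 2**32 - 977, 0, 7,
             0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141)

if __name__ == "__main__":
    for name, params in {**TOY_CURVES, "secp256k1": SECP256K1}.items():
        print(f"{name:20s} {screen(*params)}")
```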
References
Akishita, T., Takagi, T.: Zero-Value Point Attacks on Elliptic Curve Cryptosystem. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 218–233. Springer, Heidelberg (2003)
Blake, I., Seroussi, G., Smart, N.: Elliptic Curves in Cryptography. Cambridge University Press, Cambridge (1999)
Brier, E., Joye, M.: Weierstrass Elliptic Curve and Side-Channel Attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335–345. Springer, Heidelberg (2002)
Brier, E., Joye, M.: Fast Point Multiplication on Elliptic Curves through Isogenies. In: Fossorier, M.P.C., Høholdt, T., Poli, A. (eds.) AAECC 2003. LNCS, vol. 2643, pp. 43–50. Springer, Heidelberg (2003)
Coron, J.-S.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)
Fischer, W., Giraud, C., Knudsen, E.W., Seifert, J.-P.: Parallel Scalar Multiplication on General Elliptic Curves over F_p Hedged against Non-Differential Side-Channel Attacks. IACR Cryptology ePrint Archive 2002/007, http://eprint.iacr.org/2002/007/
Goubin, L.: A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 199–211. Springer, Heidelberg (2002)
Izu, T., Möller, B., Takagi, T.: Improved Elliptic Curve Multiplication Methods Resistant against Side Channel Attacks. In: Menezes, A., Sarkar, P. (eds.) INDOCRYPT 2002. LNCS, vol. 2551, pp. 296–313. Springer, Heidelberg (2002)
Izu, T., Takagi, T.: A Fast Parallel Elliptic Curve Multiplication Resistant against Side Channel Attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 280–296. Springer, Heidelberg (2002)
Izu, T., Takagi, T.: A Fast Parallel Elliptic Curve Multiplication Resistant against Side Channel Attacks, Technical Report CORR 2002-03, http://www.cacr.math.uwaterloo.ca/techreports/2002/corr2002-03.ps
Joye, M., Tymen, C.: Protection against Differential Analysis for Elliptic Curve Cryptography. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 377–390. Springer, Heidelberg (2001)
Lercier, R., Morain, F.: Counting the Number of Points on Elliptic Curves over Finite Fields: Strategies and Performances. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 79–94. Springer, Heidelberg (1995)
Möller, B.: Securing Elliptic Curve Point Multiplication against Side-Channel Attacks. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 324–334. Springer, Heidelberg (2001)
Möller, B.: Parallelizable Elliptic Curve Point Multiplication Method with Resistance against Side-Channel Attacks. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 402–413. Springer, Heidelberg (2002)
Montgomery, P.L.: Speeding the Pollard and Elliptic Curve Methods of Factorization. Mathematics of Computation 48, 243–264 (1987)
Okeya, K., Takagi, T.: The Width-w NAF Method Provides Small Memory and Fast Elliptic Scalar Multiplications Secure against Side Channel Attacks. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 328–343. Springer, Heidelberg (2003)
Smart, N.: An Analysis of Goubin’s Refined Power Analysis Attack. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 281–290. Springer, Heidelberg (2003)
Standard for Efficient Cryptography (SECG), SEC2: Recommended Elliptic Curve Domain Parameters, Version 1.0 (2000), http://www.secg.org/
© 2004 Springer-Verlag Berlin Heidelberg
Akishita, T., Takagi, T. (2004). On the Optimal Parameter Choice for Elliptic Curve Cryptosystems Using Isogeny. In: Bao, F., Deng, R., Zhou, J. (eds) Public Key Cryptography – PKC 2004. PKC 2004. Lecture Notes in Computer Science, vol 2947. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24632-9_25
DOI: https://doi.org/10.1007/978-3-540-24632-9_25
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21018-4
Online ISBN: 978-3-540-24632-9