Abstract
The Frobenius endomorphism τ is known to be useful for efficient scalar multiplication on elliptic curves defined over a field of small characteristic (\(E(\mathbb{F}_{q^m})\)). However, on devices with small resources, scalar multiplication algorithms using Frobenius are, like the usual double-and-add algorithms, vulnerable to Side Channel Attacks (SCA). The most successful countermeasure for thwarting SCA attacks on the Frobenius-based τ-adic method seems to be the multiplier randomization technique introduced by Joye and Tymen. This technique increases the computational time by about 25%. In this paper, we propose two efficient countermeasures against SCA attacks, including the powerful RPA (Goubin's refined power analysis) and ZPA (zero-value point) attacks. First, we adapt the Randomized Initial Point technique (RIP) to the τ-adic method for Koblitz curves with trace 1 by using a small precomputed table (only 3 points stored). We also present an efficient SCA-resistant fixed-base τ-adic method based on the Lim and Lee technique. For this purpose we modify the τ-NAF representation of the secret scalar in order to obtain a new sequence of non-zero bit-strings. This, combined with the use of Randomized Linearly-transformed Coordinates (RLC), prevents SCA attacks on the fixed-base τ-adic method, including RPA and ZPA. Furthermore, our algorithm optimizes both the size of the precomputed table and the computation time: we store only \(2^w - 1\) points instead of \(\frac{3^w - 1}{2}\) for the fixed-base τ-adic method, with a more advantageous running time.
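The abstract leans on two facts a reader may not have at hand: that the Frobenius map τ replaces doublings in the scalar-multiplication loop once the scalar is recoded into τ-adic non-adjacent form, and that RIP masks the loop by starting from a random point that is stripped off at the end. The example below is added here and is not the paper's code; it implements Solinas' τ-NAF recoding and the τ-adic Horner loop on a toy Koblitz curve \(E_1: y^2 + xy = x^3 + x^2 + 1\) over \(\mathbb{F}_{2^7}\) (trace \(\mu = 1\), matching the abstract's trace-1 case), and cross-checks the result against plain double-and-add. The field size, the reduction polynomial \(x^7 + x + 1\), the scalar, and the function names are assumptions for illustration; the RIP variant shown is the generic randomized-initial-point loop (random start, subtract \(\tau^n(R)\) at the end) and deliberately does not reproduce the paper's 3-point table, so it still skips the addition on zero digits, which is exactly the leak that table is meant to close. Scalars are also not reduced modulo \((\tau^m - 1)/(\tau - 1)\), so the τ-NAF is about twice as long as a production implementation would use.

```python
# Added example, not the paper's code: tau-NAF scalar multiplication on the toy
# Koblitz curve E_1: y^2 + xy = x^3 + x^2 + 1 over GF(2^7) (sizes assumed; real
# curves use m >= 163), with a plain Randomized Initial Point (RIP) variant.
M = 7                      # extension degree (toy)
POLY = (1 << 7) | 0b11     # x^7 + x + 1, irreducible over GF(2)
A, MU = 1, 1               # a = 1 gives trace mu = +1, so tau^2 - tau + 2 = 0
INF = None                 # point at infinity

def gf_mul(x, y):
    """Carry-less product reduced modulo POLY."""
    r = 0
    while y:
        if y & 1:
            r ^= x
        y, x = y >> 1, x << 1
        if x >> M:
            x ^= POLY
    return r

def gf_inv(x):
    """1/x = x^(2^M - 2) by square-and-multiply (x != 0)."""
    r, e = 1, (1 << M) - 2
    while e:
        r, x, e = (gf_mul(r, x) if e & 1 else r), gf_mul(x, x), e >> 1
    return r

def on_curve(P):
    if P is INF:
        return True
    x, y = P
    x2 = gf_mul(x, x)
    return gf_mul(y, y) ^ gf_mul(x, y) == gf_mul(x2, x) ^ (x2 if A else 0) ^ 1

def neg(P):
    return INF if P is INF else (P[0], P[0] ^ P[1])

def add(P, Q):
    """Affine add/double on y^2 + xy = x^3 + a x^2 + b (characteristic 2)."""
    if P is INF or Q is INF:
        return Q if P is INF else P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2:
        if y1 != y2 or x1 == 0:              # Q == -P (x == 0 means P == -P)
            return INF
        lam = x1 ^ gf_mul(y1, gf_inv(x1))    # doubling
        x3 = gf_mul(lam, lam) ^ lam ^ A
        return (x3, gf_mul(x1, x1) ^ gf_mul(lam ^ 1, x3))
    lam = gf_mul(y1 ^ y2, gf_inv(x1 ^ x2))
    x3 = gf_mul(lam, lam) ^ lam ^ x1 ^ x2 ^ A
    return (x3, gf_mul(lam, x1 ^ x3) ^ x3 ^ y1)

def frob(P):
    """Frobenius tau(x, y) = (x^2, y^2): two squarings, no inversion."""
    return INF if P is INF else (gf_mul(P[0], P[0]), gf_mul(P[1], P[1]))

def double_and_add(k, P):
    """Reference left-to-right binary method, used only as a cross-check."""
    Q = INF
    for bit in bin(k)[2:]:
        Q = add(Q, Q)
        if bit == "1":
            Q = add(Q, P)
    return Q

def tnaf(k):
    """Solinas' tau-NAF of k in Z[tau]: digits in {-1, 0, 1}, LSB first."""
    r0, r1, digits = k, 0, []
    while r0 != 0 or r1 != 0:
        u = 2 - ((r0 - 2 * r1) % 4) if r0 & 1 else 0   # +-1 picked so next digit is 0
        r0 -= u
        digits.append(u)
        r0, r1 = r1 + MU * (r0 // 2), -(r0 // 2)        # (r0 + r1*tau) / tau
    return digits

def eval_tnaf(digits):
    """Sum of u_i tau^i as (r0, r1) = r0 + r1*tau, using tau^2 = mu*tau - 2."""
    a, b = 0, 0
    for u in reversed(digits):
        a, b = -2 * b + u, a + MU * b
    return (a, b)

def horner(digits, P, start=INF):
    """Q = tau(Q) + u_i P from the most significant digit down; Q = kP for start = O."""
    Q = start
    for u in reversed(digits):
        Q = frob(Q)
        if u:
            Q = add(Q, P if u == 1 else neg(P))
    return Q

def rip_tau_mul(k, P, R):
    """Generic RIP: start from a random R, strip tau^n(R) at the end. Still skips
    the add on zero digits; the paper's 3-point table is what removes that leak."""
    digits = tnaf(k)
    T = R
    for _ in digits:
        T = frob(T)
    return add(horner(digits, P, R), neg(T))

def find_point(start_x=1):
    """First affine point with x >= start_x (brute force is fine on the toy field)."""
    return next((x, y) for x in range(start_x, 1 << M)
                for y in range(1 << M) if on_curve((x, y)))
```

`horner(tnaf(k), P)` is the τ-adic method: every iteration costs two field squarings for τ plus one point addition, whereas `double_and_add` pays a full doubling with a field inversion per bit. `rip_tau_mul` takes the random point as an argument so that the same call can be checked against a fixed `R`; in a real implementation `R` must be fresh and unpredictable for every scalar multiplication, otherwise the masking gives nothing against RPA and ZPA.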
References
Akishita, T., Takagi, T.: Zero-value point attacks on elliptic curve cryptosystems. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 218–233. Springer, Heidelberg (2003)
Blake, I., Seroussi, G., Smart, N.: Elliptic curves in cryptography. Cambridge University Press, Cambridge (1999)
Coron, J.S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)
Goubin, L.: A refined power-analysis attack on elliptic curve cryptosystems. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 199–210. Springer, Heidelberg (2002)
Hasan, M.A.: Power analysis attacks and algorithmic approaches to their countermeasures for Koblitz curve cryptosystems. In: Paar, C., Koç, Ç.K. (eds.) CHES 2000. LNCS, vol. 1965, pp. 93–108. Springer, Heidelberg (2000)
Itoh, K., Izu, T., Takenaka, M.: Efficient countermeasures against power analysis for elliptic curve cryptosystems. In: Proceedings of CARDIS-WCC 2004 (2004)
Joye, M., Tymen, C.: Protections against differential analysis for elliptic curve cryptography: an algebraic approach. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 386–400. Springer, Heidelberg (2001)
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)
Koblitz, N.: CM-curves with good cryptographic properties. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 279–287. Springer, Heidelberg (1992)
Kocher, P.: Timing attacks on implementations of Diffie-Hellman, RSA, DSA and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)
Lim, C., Lee, P.: More flexible exponentiation with precomputation. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 95–107. Springer, Heidelberg (1994)
Menezes, A.: Elliptic Curve Public Key Cryptosystems. The Kluwer International Series in Engineering and Computer Science, vol. 234. Kluwer Academic Publishers, Dordrecht (1993)
Mamiya, H., Miyaji, A., Morimoto, H.: Efficient Countermeasures against RPA, DPA, and SPA. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 343–356. Springer, Heidelberg (2004)
Montgomery, P.L.: Speeding up the Pollard and elliptic curve methods of factorization. Mathematics of Computation 48(177), 243–264 (1987)
Meier, W., Staffelbach, O.: Efficient multiplication on certain nonsupersingular elliptic curves. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 333–344. Springer, Heidelberg (1993)
Müller, V.: Fast multiplication on elliptic curves over small fields of characteristic two. Journal of Cryptology 11, 219–234 (1998)
Okeya, K., Sakurai, K.: A second-order DPA attack breaks a window-method based countermeasure against side channel attacks. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 389–401. Springer, Heidelberg (2002)
Smith, E.W.: The implementation and analysis of the ECDSA on the Motorola StarCore SC140 DSP primarily targeting portable devices. Master thesis, University of Waterloo, Ontario, Canada (2002)
Solinas, J.A.: An improved algorithm for arithmetic on a family of elliptic curves. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 357–371. Springer, Heidelberg (1997)
© 2005 Springer-Verlag Berlin Heidelberg
Cite this paper
Hedabou, M. (2005). Efficient Countermeasures for Thwarting the SCA Attacks on the Frobenius Based Methods. In: Smart, N.P. (eds) Cryptography and Coding. Cryptography and Coding 2005. Lecture Notes in Computer Science, vol 3796. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11586821_17
DOI: https://doi.org/10.1007/11586821_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30276-6
Online ISBN: 978-3-540-32418-8