Abstract
Blockchain is an emerging decentralized distributed-computing technology. Cryptography is used to ensure integrity, anonymity, privacy and immutability, so the security of a blockchain relies on its cryptographic algorithms. However, cryptographic primitives typically get broken or weakened over time by increased computational power and by advances in cryptanalysis, including side-channel methods, and the cryptographic algorithms of blockchain will face side-channel attacks. In this paper, we present a systematic analysis of the threats posed by a broken digital signature on transaction data, and an improved SPA (simple power analysis) attack against ECDSA based on a power feature model. An attack case is given in which the ECDSA private key is recovered with the proposed attack method from a power trace. A countermeasure of equivalent power consumption at the atomic level is then given, which adds empty operations to the point doubling and point addition operations of blockchain hardware devices.
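As an added illustration (not code from the paper), the leakage the abstract exploits and the principle behind its countermeasure, on secp256k1 (the curve used by Bitcoin's ECDSA): an unprotected double-and-add reveals the scalar from the sequence of point doublings ('D') and additions ('A') in one trace, while a variant that always performs the addition (a dummy addition for 0 bits, standing in here for the paper's empty operations at the field-operation level) yields a scalar-independent sequence. Assumed: the D/A labels stand for operations that are distinguishable in a power trace.

```python
# secp256k1 domain parameters (public), used by Bitcoin/Ethereum ECDSA.
P = 2**256 - 2**32 - 977
A, B = 0, 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(P1, P2):
    """Affine addition on y^2 = x^3 + A*x + B mod P; None is the point at infinity."""
    if P1 is None: return P2
    if P2 is None: return P1
    x1, y1 = P1; x2, y2 = P2
    if x1 == x2 and (y1 + y2) % P == 0: return None
    if P1 == P2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def double_and_add(k, Q):
    """Unprotected left-to-right double-and-add. Returns (k*Q, operation trace).
    An 'A' is recorded only for 1 bits, so the trace itself encodes k."""
    R, trace = Q, []
    for bit in bin(k)[3:]:                # bits after the leading 1
        R = point_add(R, R); trace.append('D')
        if bit == '1':
            R = point_add(R, Q); trace.append('A')
    return R, trace

def double_and_add_always(k, Q):
    """Regular variant (constructed countermeasure): a dummy addition is done for
    0 bits, so the D/A sequence is identical for every scalar of the same length."""
    R, trace = Q, []
    for bit in bin(k)[3:]:
        R = point_add(R, R); trace.append('D')
        T = point_add(R, Q); trace.append('A')
        R = T if bit == '1' else R        # select the result, never skip the operation
    return R, trace

def spa_recover(trace):
    """Reads a scalar back from a D/A trace: a 'D' directly followed by 'A' is a 1 bit."""
    bits = '1'                            # leading bit is always 1 in this encoding
    for i, op in enumerate(trace):
        if op == 'D':
            bits += '1' if trace[i + 1:i + 2] == ['A'] else '0'
    return int(bits, 2)
```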
Acknowledgments
The authors would like to thank the reviewers for their detailed reviews and constructive comments, which have helped improve the quality of this paper. This work was supported in part by the National Key Research and Development Project of China (No. 2017YFB0802302), the Science and Technology Support Project of Sichuan Province (No. 2016FZ0112, No. 2017GZ0314, No. 2018GZ0204), the Academic and Technical Leaders Training Funding Support Projects of Sichuan Province (No. 2016120080102643), the Application Foundation Project of Sichuan Province (No. 2017JY0168), the Science and Technology Project of Chengdu (No. 2017-RK00-00103-ZF, No. 2016-HM01-00217-SF).
© 2019 Springer Nature Switzerland AG
Cite this paper
Wunan, W., Hao, C., Jun, C. (2019). The Attack Case of ECDSA on Blockchain Based on Improved Simple Power Analysis. In: Sun, X., Pan, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2019. Lecture Notes in Computer Science, vol 11635. Springer, Cham. https://doi.org/10.1007/978-3-030-24268-8_12
DOI: https://doi.org/10.1007/978-3-030-24268-8_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-24267-1
Online ISBN: 978-3-030-24268-8