Skip to main content
SpringerLink
Log in

Side-Channel Analysis on Blinded Regular Scalar Multiplications

  • Conference paper
  • First Online:
Progress in Cryptology -- INDOCRYPT 2014 (INDOCRYPT 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8885))

Included in the following conference series:

Abstract

We present a new side-channel attack path threatening state-of-the-art protected implementations of elliptic curves embedded scalar multiplications. Regular algorithms such as the double-and-add-always and the Montgomery ladder are commonly used to protect the scalar multiplication from simple side-channel analysis. Combining such algorithms with scalar and/or point blinding countermeasures lead to scalar multiplications protected from all known attacks. Scalar randomization, which consists in adding a random multiple of the group order to the scalar value, is a popular countermeasure due to its efficiency. Amongst the several curves defined for usage in elliptic curves products, the most used are those standardized by the NIST. As observed in several previous publications, the modulus, hence the orders, of these curves are sparse, primarily for efficiency reasons. In this paper, we take advantage of this specificity to present new attack paths which combine vertical and horizontal side-channel attacks to recover the entire secret scalar in state-of-the-art protected elliptic curve implementations.

Venelli: This work was carried out when the author was with INSIDE Secure.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bauer, A., Jaulmes, E., Prouff, E., Wild, J.: Horizontal collision correlation attack on elliptic curves. In: Selected Areas in Cryptography (2013)

    Google Scholar 

  2. Bauer, A., Jaulmes, É.: Correlation analysis against protected SFM implementations of RSA. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT 2013. LNCS, vol. 8250, pp. 98–115. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  3. Bernstein, D.J., Lange, T.: Explicit-formulas database. http://hyperelliptic.org/EFD/g1p/auto-shortw.html

  4. Bernstein, D.J., Lange, T.: Faster addition and doubling on elliptic curves. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 29–50. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  5. Bernstein, D.J., Lange, T.: Safecurves: choosing safe curves for elliptic-curve cryptography. http://safecurves.cr.yp.to (accessed May 26, 2014)

  6. Brier, E., Joye, M.: Weierstraß elliptic curves and side-channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335–345. Springer, Berlin Heidelberg (2002)

    Chapter  Google Scholar 

  7. Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16–29. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  8. Brown, M., Hankerson, D., López, J., Menezes, A.: Software implementation of the NIST elliptic curves over prime fields. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 250–265. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  9. Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards sound approaches to counteract power-analysis attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  10. Chevallier-Mames, B., Ciet, M., Joye, M.: Low-cost solutions for preventing simple side-channel analysis: Side-channel atomicity. IEEE Transactions on Computers 53, 760–768 (2004)

    Article  Google Scholar 

  11. Ciet, M., Joye, M.: (Virtually) free randomization techniques for elliptic curve cryptography. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 348–359. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  12. Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal correlation analysis on exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46–61. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  13. Clavier, C., Feix, B., Gagnerot, G., Giraud, C., Roussellet, M., Verneuil, V.: ROSETTA for single trace analysis. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 140–155. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  14. Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  15. Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory 22(6), 644–654 (1976)

    Article  MathSciNet  MATH  Google Scholar 

  16. Feix, B., Roussellet, M., Venelli, A.: Side-channel analysis on blinded regular scalar multiplications. IACR Cryptology ePrint Archive (2014)

    Google Scholar 

  17. Giraud, C., Verneuil, V.: Atomicity improvement for elliptic curve scalar multiplication. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 80–101. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  18. Goundar, R., Joye, M., Miyaji, A., Rivain, M., Venelli, A.: Scalar multiplication on Weierstraß elliptic curves from co-z arithmetic. Journal of Cryptographic Engineering 1(2), 161–176 (2011)

    Article  Google Scholar 

  19. Hanley, N., Kim, H., Tunstall, M.: Exploiting collisions in addition chain-based exponentiation algorithms. Cryptology ePrint Archive, Report 2012/485 (2012)

    Google Scholar 

  20. Joye, M.: Highly regular Right-to-left algorithms for scalar multiplication. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 135–147. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  21. Joye, M., Yen, S.M.: The Montgomery powering ladder. In: Kaliski, B., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  22. Koblitz, N.: Elliptic curve cryptosystems. Mathematics of Computation 48, 203–209 (1987)

    Article  MathSciNet  MATH  Google Scholar 

  23. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  24. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  25. Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)

    Google Scholar 

  26. Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Mathematics of Computation 48(177), 243–264 (1987)

    Article  MathSciNet  MATH  Google Scholar 

  27. Moradi, A., Mischke, O., Eisenbarth, T.: Correlation-enhanced power analysis collision attack. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 125–139. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  28. Muller, F., Valette, F.: High-order attacks against the exponent splitting protection. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 315–329. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  29. National Institute Standards and Technology: Digital Signature Standard (DSS). Publication 186–2 (2000)

    Google Scholar 

  30. Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21, 120–126 (1978)

    Article  MathSciNet  MATH  Google Scholar 

  31. Rondepierre, F.: Revisiting atomic patterns for scalar multiplications on elliptic curves. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 171–186. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  32. SEC2: Standards for Efficient Cryptography Group/Certicom Research. Recommanded Elliptic Curve Cryptography Domain Parameters (2000)

    Google Scholar 

  33. Smart, N., Oswald, E., Page, D.: Randomised representations. IET Information Security 2, 19–27(8) (2008)

    Google Scholar 

  34. Solinas, J.: Generalized Mersenne numbers. Technical report CORR-39, Dept. of C&O, University of Waterloo (1999)

    Google Scholar 

  35. Stebila, D., Thériault, N.: Unified point addition formulæ and side-channel attacks. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 354–368. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  36. Trichina, E., Bellezza, A.: Implementation of elliptic curve cryptography with built-in counter measures against side channel attacks. In: Kaliski, B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 98–113. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  37. Walter, C.D.: Sliding windows succumbs to Big Mac attack. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 286–299. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  38. Witteman, M.F., van Woudenberg, J.G.J., Menarini, F.: Defeating RSA multiply-always and message blinding countermeasures. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 77–88. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. UL Security Transactions, UK Security Lab, Basingstoke, UK

    Benoit Feix

  2. Gemalto, La Ciotat, France

    Mylène Roussellet

  3. Thalès Communications and Security, Toulouse, France

    Alexandre Venelli

Authors
  1. Benoit Feix
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mylène Roussellet
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Alexandre Venelli
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Alexandre Venelli .

Editor information

Editors and Affiliations

  1. Hochschule für Technik, Fachhochschule Nordwestschweiz, Windisch, Switzerland

    Willi Meier

  2. Computer Science and Engineering, Indian Institute of Technology, Kharagpur, India

    Debdeep Mukhopadhyay

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Feix, B., Roussellet, M., Venelli, A. (2014). Side-Channel Analysis on Blinded Regular Scalar Multiplications. In: Meier, W., Mukhopadhyay, D. (eds) Progress in Cryptology -- INDOCRYPT 2014. INDOCRYPT 2014. Lecture Notes in Computer Science(), vol 8885. Springer, Cham. https://doi.org/10.1007/978-3-319-13039-2_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-13039-2_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-13038-5

  • Online ISBN: 978-3-319-13039-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation