
Two Lattice-Based Differential Fault Attacks Against ECDSA with wNAF Algorithm

  • Conference paper
  • Information Security and Cryptology - ICISC 2015 (ICISC 2015)
  • Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9558)

Abstract

Elliptic curve cryptosystems (ECC) are widely used in cryptographic devices. Despite their solid mathematical security, ECC implementations remain vulnerable to many kinds of physical attacks. In this paper, we present two new lattice-based differential fault attacks (DFA) against the well-known ECC signature standard ECDSA when scalar multiplication is implemented with the wNAF algorithm. Compared with the fault attack proposed at Crypto 2000, our first attack deduces parts of the nonce k in a different way: the earlier attack recovered parts of k mainly by guessing, whereas ours combines guessing with solving an equation in one unknown, so it remains applicable in weaker attack scenarios that allow more random faulty bits. In our second attack, instead of injecting faults while computing kG, we inject faults during the wNAF transformation of k that precedes the computation of kG. If steps of the wNAF transformation of k are skipped by fault injection, we can build DFA models that retrieve parts of k. In both attacks, the attacker can then mount a lattice attack with the derived parts of k to recover the ECDSA private key. Finally, we verify the feasibility of the proposed attacks by experiments.
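The second attack in the abstract targets the wNAF recoding of the nonce k, where a skipped recoding step yields a digit string that no longer represents k. The following added example (not code from the paper) implements width-w NAF recoding for any w, the structural invariants of a valid wNAF string, and the cheap integrity check a signer can run before the scalar multiplication; the "skipped digit becomes zero" fault model is an assumption made here for illustration, not the paper's exact model.

```python
# Added example (not from the paper): width-w NAF recoding of an ECDSA nonce k,
# the invariants a valid wNAF string satisfies, and a cheap integrity check that
# detects a digit skipped during the recoding step the paper's second attack targets.

def wnaf(k, w):
    """Width-w NAF digits of k, least significant first. Nonzero digits are odd,
    lie in (-2^(w-1), 2^(w-1)), and any w consecutive digits hold at most one."""
    assert k >= 0 and w >= 2
    digits = []
    while k > 0:
        if k & 1:
            d = k % (1 << w)              # k mod 2^w
            if d >= 1 << (w - 1):         # choose the negative representative
                d -= 1 << w               # so the next w-1 digits come out zero
            k -= d
        else:
            d = 0
        digits.append(d)
        k >>= 1
    return digits

def wnaf_decode(digits):
    """Rebuild the scalar: sum of d_i * 2^i (pure integer arithmetic)."""
    return sum(d << i for i, d in enumerate(digits))

def is_valid_wnaf(digits, w):
    """Structural invariants of a width-w NAF string (cheap, no group ops)."""
    bound = 1 << (w - 1)
    for i, d in enumerate(digits):
        if d and (d % 2 == 0 or abs(d) >= bound or any(digits[i + 1:i + w])):
            return False
    return True

def skip_digit(digits, i):
    """Constructed fault model (an assumption, not the paper's exact model):
    the recoding step for digit i is skipped, so a zero digit is emitted."""
    faulty = list(digits)
    faulty[i] = 0
    return faulty

def recoding_is_intact(k, w, digits):
    """Run before the scalar multiplication: the digits must form a well-formed
    wNAF string AND decode back to k, otherwise the nonce was corrupted."""
    return is_valid_wnaf(digits, w) and wnaf_decode(digits) == k

if __name__ == "__main__":
    k, w = 0x1A2B3C4D, 4                  # constructed sample nonce and window
    good = wnaf(k, w)
    bad = skip_digit(good, next(i for i, d in enumerate(good) if d))
    print(recoding_is_intact(k, w, good), recoding_is_intact(k, w, bad))  # True False
```

The decode-and-compare step costs only integer additions, so it is far cheaper than the verify-after-sign countermeasure and catches any fault that alters the value the digit string represents before it reaches kG.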



Acknowledgments

We thank the anonymous referees for their careful reading and insightful comments. This work is supported by the National Science and Technology Major Project (No. 2014ZX01032401-001) and the National Basic Research Program of China (No. 2013CB338002).

Author information

Corresponding author: Hua Chen.


Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Cao, W. et al. (2016). Two Lattice-Based Differential Fault Attacks Against ECDSA with wNAF Algorithm. In: Kwon, S., Yun, A. (eds) Information Security and Cryptology - ICISC 2015. ICISC 2015. Lecture Notes in Computer Science, vol. 9558. Springer, Cham. https://doi.org/10.1007/978-3-319-30840-1_19

  • DOI: https://doi.org/10.1007/978-3-319-30840-1_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-30839-5

  • Online ISBN: 978-3-319-30840-1

  • eBook Packages: Computer Science, Computer Science (R0)