
Automatic generation of HCCA-resistant scalar multiplication algorithm by proper sequencing of field multiplier operands

  • Regular Paper
  • Journal of Cryptographic Engineering

Abstract

Horizontal collision correlation analysis, in short HCCA, poses a serious threat to simple power analysis-resistant elliptic curve cryptosystems that rely on unified algorithms, e.g., the Edwards curve unified formula. This attack can be mounted even in the presence of differential power analysis-resistant randomization schemes. In this paper, we design an effective countermeasure for HCCA protection, where the dependency of the side-channel leakage of a schoolbook multiplication on the underlying multiplier operands is investigated. We show how changing the sequence in which the operands are passed to the multiplication algorithm introduces dissimilarity in the information leakage. This disparity is utilized in constructing a minimal-cost countermeasure against HCCA. Integrated with an effective randomization method, this countermeasure is shown to successfully thwart HCCA. Additionally, we provide experimental validation of our proposed countermeasure technique on a SASEBO platform. To the best of our knowledge, this is the first time that asymmetry in information leakage has been utilized in designing a side-channel countermeasure.
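As an added illustration (not code from the paper), the following Python models the operand asymmetry the abstract describes: an operand-scanning schoolbook multiplier under an assumed Hamming-distance register leakage model, showing that mul(a, b) and mul(b, a) give the same product but different leakage traces, and that the collision-correlation statistic between two multiplications sharing an operand changes with the position in which the shared operand is passed. The word size, the leakage model and the operand values are assumptions.

```python
# Added illustration (not the paper's code): a word-level operand-scanning
# schoolbook multiplier with an assumed Hamming-distance register leakage model.
W = 8                    # assumed word size in bits
MASK = (1 << W) - 1

def to_words(x, n):
    """Split x into n little-endian W-bit words."""
    return [(x >> (W * i)) & MASK for i in range(n)]

def hd(x, y):
    """Hamming distance between two words (assumed per-register leakage)."""
    return bin(x ^ y).count("1")

def schoolbook_mul(a, b, n):
    """Return (a*b, trace). The outer register holds a word of a for n cycles;
    the inner register is reloaded with a word of b every cycle, so b drives
    n*n register transitions while a drives only n of them."""
    aw, bw = to_words(a, n), to_words(b, n)
    acc, trace, ra, rb = [0] * (2 * n), [], 0, 0
    for i in range(n):
        carry = 0
        for j in range(n):
            trace.append(hd(ra, aw[i]) + hd(rb, bw[j]))   # leakage of this cycle
            ra, rb = aw[i], bw[j]
            t = acc[i + j] + ra * rb + carry
            acc[i + j], carry = t & MASK, t >> W
        acc[i + n] = carry
    return sum(w << (W * k) for k, w in enumerate(acc)), trace

def pearson(x, y):
    """Pearson correlation of two equal-length traces (the HCCA statistic)."""
    mx, my = sum(x) / len(x), sum(y) / len(y)
    cov = sum((p - mx) * (q - my) for p, q in zip(x, y))
    sx = sum((p - mx) ** 2 for p in x) ** 0.5
    sy = sum((q - my) ** 2 for q in y) ** 0.5
    return cov / (sx * sy) if sx and sy else 0.0

def collision_correlation(shared, x, y, n, shared_inner):
    """Correlation between the traces of x*shared and y*shared, with the shared
    operand passed as the inner (True) or the outer (False) multiplier operand."""
    order = (lambda u: (u, shared)) if shared_inner else (lambda u: (shared, u))
    return pearson(schoolbook_mul(*order(x), n)[1], schoolbook_mul(*order(y), n)[1])

if __name__ == "__main__":
    k, x, y = 0xA5C3F017, 0x1234ABCD, 0x0F0F9999   # constructed 4-word operands
    print(schoolbook_mul(x, k, 4)[1] == schoolbook_mul(k, x, 4)[1])   # False
    print(collision_correlation(k, x, y, 4, True),
          collision_correlation(k, x, y, 4, False))
```

The sizeable gap between the two correlations for the same operand triple is the effect the countermeasure exploits: the collision statistic an attacker relies on depends on operand order, so a sequencing that keeps it low can be chosen without touching the arithmetic.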



Correspondence to Poulami Das.

The authors would like to thank ISEA Funding for Research on Next Generation Network Security for partially supporting their work.

Cite this article

Das, P., Roy, D.B. & Mukhopadhyay, D. Automatic generation of HCCA-resistant scalar multiplication algorithm by proper sequencing of field multiplier operands. J Cryptogr Eng 9, 263–275 (2019). https://doi.org/10.1007/s13389-019-00219-1
