Secure Binary Field Multiplication

Binary field multiplication is the most fundamental building block of binary field Elliptic Curve Cryptography (ECC) and Galois/Counter Mode (GCM). Both bit-wise scanning and Look-Up Table (LUT) based methods are commonly used for binary field multiplication. In terms of Side Channel Attack (SCA), bit-wise scanning relies on insecure branch operations that leak information in the form of timing and power consumption. On the other hand, the LUT based method is regarded as a relatively secure approach because LUT accesses can be conducted in a regular and atomic form, which also yields a constant time solution. In this paper, we conduct an SCA on LUT based binary field multiplication. The attack applies horizontal Correlation Power Analysis (CPA) to the weights of the LUT, and we identify the operand from only a single power trace of a binary field multiplication. In order to prevent this SCA, we also propose a mask based binary field multiplication which ensures a regular and constant time solution without LUTs or branch statements.
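The three multiplication styles the abstract contrasts, as an added example that is not code from the paper: a branching bit-wise scan (the secret operand selects whether an XOR happens), a 4-bit-window LUT method (no branches, but the table index is the secret), and a mask based variant that replaces both the branch and the table lookup with an arithmetic mask. The field is assumed to be GF(2^8) with the AES reduction polynomial x^8 + x^4 + x^3 + x + 1, chosen only because it is a small instance with well-known test vectors; the paper's own field sizes and implementation details are not reproduced. "Constant time" here is at the C source level: a compiler may turn the mask back into a branch, and the LUT variant's cache behaviour is not modelled.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed small instance: reduction polynomial x^8 + x^4 + x^3 + x + 1 (0x11B). */
#define GF2_8_POLY 0x11Bu

/* Reduce a 16-bit carry-less product modulo the field polynomial.
 * Uses an all-ones/all-zeros mask instead of a data-dependent branch. */
static uint8_t gf2_8_reduce(uint16_t prod) {
    for (int i = 15; i >= 8; i--) {
        uint16_t mask = (uint16_t)(0u - ((prod >> i) & 1u)); /* 0xFFFF if bit i set */
        prod ^= (uint16_t)(GF2_8_POLY << (i - 8)) & mask;   /* clears bit i when set */
    }
    return (uint8_t)prod;
}

/* 1) Bit-wise scanning with a branch on each bit of b.
 *    Whether the XOR executes depends on the secret: a timing/power leak. */
static uint16_t clmul_branch(uint8_t a, uint8_t b) {
    uint16_t r = 0;
    for (int i = 0; i < 8; i++) {
        if ((b >> i) & 1u)
            r ^= (uint16_t)a << i;
    }
    return r;
}

/* 2) LUT method: T[w] = a * w for every 4-bit window w, then two table reads
 *    indexed by the nibbles of b. No branches, but the indices (and the
 *    Hamming weights of the table entries) depend on the operands. */
static uint16_t clmul_lut(uint8_t a, uint8_t b) {
    uint16_t T[16];
    T[0] = 0;
    T[1] = a;
    for (int w = 2; w < 16; w++)
        T[w] = (uint16_t)(T[w >> 1] << 1) ^ T[w & 1]; /* a*w = (a*(w>>1))*x + a*(w&1) */
    return (uint16_t)(T[b >> 4] << 4) ^ T[b & 0xF];
}

/* 3) Mask based method: every iteration does the same shift, AND and XOR;
 *    the bit of b only selects an all-ones or all-zeros mask. */
static uint16_t clmul_masked(uint8_t a, uint8_t b) {
    uint16_t r = 0;
    for (int i = 0; i < 8; i++) {
        uint16_t mask = (uint16_t)(0u - ((b >> i) & 1u));
        r ^= ((uint16_t)a << i) & mask;
    }
    return r;
}

uint8_t gf2_8_mul_branch(uint8_t a, uint8_t b) { return gf2_8_reduce(clmul_branch(a, b)); }
uint8_t gf2_8_mul_lut(uint8_t a, uint8_t b)    { return gf2_8_reduce(clmul_lut(a, b)); }
uint8_t gf2_8_mul_masked(uint8_t a, uint8_t b) { return gf2_8_reduce(clmul_masked(a, b)); }

/* Exhaustively check that all three variants compute the same field product.
 * Returns 1 on agreement over all 65536 operand pairs, 0 on the first mismatch. */
int all_variants_agree(void) {
    for (unsigned a = 0; a < 256; a++) {
        for (unsigned b = 0; b < 256; b++) {
            uint8_t r0 = gf2_8_mul_branch((uint8_t)a, (uint8_t)b);
            uint8_t r1 = gf2_8_mul_lut((uint8_t)a, (uint8_t)b);
            uint8_t r2 = gf2_8_mul_masked((uint8_t)a, (uint8_t)b);
            if (r0 != r1 || r0 != r2)
                return 0;
        }
    }
    return 1;
}

int main(void) {
    /* Known vectors for this field: {57}*{83} = {C1}, and {53}*{CA} = {01}. */
    printf("57*83 = %02X (expect C1)\n", gf2_8_mul_masked(0x57, 0x83));
    printf("53*CA = %02X (expect 01)\n", gf2_8_mul_masked(0x53, 0xCA));
    printf("all variants agree: %d\n", all_variants_agree());
    return 0;
}
```

The masked loop touches no memory at a secret-dependent address and executes the same instruction sequence regardless of the operand, which is the property the abstract's proposed countermeasure relies on; the LUT variant is branch-free but still makes the operand observable through which table entries are read, which is the weakness the horizontal CPA in the paper targets.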
