Provably Secure Countermeasure Resistant to Several Types of Power Attack for ECC

Recently, it has been shown that some cryptographic devices, such as smart card, RFID and USB token, are vulnerable to the power attacks if they have no defence against them. With the introduction of new types of power analysis attack on elliptic curve cryptosystem (ECC) which is implemented in these secure devices, most existing countermeasures against differential power analysis (DPA) are now vulnerable to new power attacks, such as a doubling attack (DA), refined power analysis attack (RPA), and zero-value point attack (ZPA). Mamiya et al. recently proposed a countermeasure (so-called BRIP) against the DPA, RPA, ZPA, and simple power analysis (SPA) by introducing a random initial value. Yet, the BRIP was also shown to be vulnerable to the address-bit DPA by Itoh et al. and the 2-torsion attack by Yen et al.. Accordingly, this paper proposes a secure countermeasure based on a message-blinding technique. A security analysis demonstrates that the proposed countermeasure is secure against most existing power attacks with just a few additional registers.

[1]  Aggelos Kiayias,et al.  Public Key Cryptography - PKC 2006 , 2006, Lecture Notes in Computer Science.

[2]  Atsuko Miyaji,et al.  Efficient Countermeasures against RPA, DPA, and SPA , 2004, CHES.

[3]  Kouichi Itoh,et al.  Address-Bit Differential Power Analysis of Cryptographic Schemes OK-ECDH and OK-ECDSA , 2002, CHES.

[4]  Tsuyoshi Takagi,et al.  Zero-Value Point Attacks on Elliptic Curve Cryptosystem , 2003, ISC.

[5]  Kouichi Sakurai,et al.  Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack , 2000, INDOCRYPT.

[6]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[7]  Kouichi Itoh,et al.  Efficient Countermeasures against Power Analysis for Elliptic Curve Cryptosystems , 2004, CARDIS.

[8]  Nigel P. Smart,et al.  Preventing SPA/DPA in ECC Systems Using the Jacobi Form , 2001, CHES.

[9]  Marc Joye,et al.  Hessian Elliptic Curves and Side-Channel Attacks , 2001, CHES.

[10]  Louis Goubin,et al.  A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems , 2003, Public Key Cryptography.

[11]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[12]  Frédéric Valette,et al.  High-Order Attacks Against the Exponent Splitting Protection , 2006, Public Key Cryptography.

[13]  JaeCheol Ha,et al.  A Secure and Practical CRT-Based RSA to Resist Side Channel Attacks , 2004, ICCSA.

[14]  Frédéric Valette,et al.  The Doubling Attack - Why Upwards Is Better than Downwards , 2003, CHES.

[15]  Aggelos Kiayias,et al.  Efficient Secure Group Signatures with Dynamic Joins and Keeping Anonymity Against Group Managers , 2005, Mycrypt.

[16]  David Naccache,et al.  Cryptographic Hardware and Embedded Systems — CHES 2001 , 2001 .

[17]  Kouichi Itoh,et al.  A Practical Countermeasure against Address-Bit Differential Power Analysis , 2003, CHES.

[18]  Marc Joye,et al.  Cryptographic Hardware and Embedded Systems - CHES 2004 , 2004, Lecture Notes in Computer Science.

[19]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[20]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[21]  Antonio Laganà,et al.  Computational Science and Its Applications – ICCSA 2004 , 2004, Lecture Notes in Computer Science.

[22]  Christophe Clavier,et al.  Universal Exponentiation Algorithm , 2001, CHES.

[23]  Marc Joye,et al.  (Virtually) Free Randomization Techniques for Elliptic Curve Cryptography , 2003, ICICS.

[24]  JaeCheol Ha,et al.  Power Analysis by Exploiting Chosen Message and Internal Collisions - Vulnerability of Checking Mechanism for RSA-Decryption , 2005, Mycrypt.

[25]  Bimal Roy,et al.  Progress in Cryptology —INDOCRYPT 2000 , 2002, Lecture Notes in Computer Science.

[26]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2003 , 2003, Lecture Notes in Computer Science.

[27]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[28]  Marc Joye,et al.  Protections against Differential Analysis for Elliptic Curve Cryptography , 2001, CHES.