Countermeasures for Preventing Comb Method Against SCA Attacks

Side Channel Attacks have become a serious threat for cryptographic applications on devices with small resources. Indeed, it turns out that the usual randomization techniques can not prevent the recent DPA attacks (RPA and ZPA). The implementation of elliptic curve cryptosystems (ECC) on such devices must combine an optimized use of space memory with a high level of security and efficiency. In this paper we present an efficient SCA-resistant algorithm based on the fixed-base comb method. We propose to modify the binary representation of the secret scalar in order to obtain a new sequence of non-zero bit-strings. This, combined with the use of Randomized Linearly-transformed coordinates (RLC), will prevent the SCA attacks on the comb method, including RPA and ZPA. Furthermore, our algorithm optimizes the size of the precomputed table; we only store 2w−−1 points instead of 2w – 1 for the fixed-base comb method, without affecting in any way the computation time. We also present another countermeasure using a Randomized Initial Point (RIP) to protect the fixed-base comb method against SCA attacks including RPA and ZPA, with an optimized amount of computing time. The cost of this countermeasure does not exceed 2% of the total cost of the fixed-base comb method.

[1]  Chae Hoon Lim,et al.  More Flexible Exponentiation with Precomputation , 1994, CRYPTO.

[2]  Atsuko Miyaji,et al.  Efficient Elliptic Curve Exponentiation Using Mixed Coordinates , 1998, ASIACRYPT.

[3]  Marc Joye,et al.  Protections against Differential Analysis for Elliptic Curve Cryptography , 2001, CHES.

[4]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[5]  P. L. Montgomery Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[6]  Stavros G. Kolliopoulos Minimum-cost single-source 2-splittable flow , 2005, Inf. Process. Lett..

[7]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[8]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[9]  Kouichi Sakurai,et al.  A Second-Order DPA Attack Breaks a Window-Method Based Countermeasure against Side Channel Attacks , 2002, ISC.

[10]  Kouichi Itoh,et al.  Efficient Countermeasures against Power Analysis for Elliptic Curve Cryptosystems , 2004, CARDIS.

[11]  Louis Goubin,et al.  A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems , 2003, Public Key Cryptography.

[12]  Tsuyoshi Takagi,et al.  Zero-Value Point Attacks on Elliptic Curve Cryptosystem , 2003, ISC.

[13]  Kazuo Ohta,et al.  Advances in Cryptology — ASIACRYPT’98 , 2002, Lecture Notes in Computer Science.

[14]  Atsuko Miyaji,et al.  Efficient Countermeasures against RPA, DPA, and SPA , 2004, CHES.

[15]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[16]  Ricardo Dahab,et al.  Fast Multiplication on Elliptic Curves over GF(2m) without Precomputation , 1999, CHES.

[17]  Bodo Möller,et al.  Securing Elliptic Curve Point Multiplication against Side-Channel Attacks , 2001, ISC.

[18]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[19]  Marc Joye,et al.  Cryptographic Hardware and Embedded Systems - CHES 2004 , 2004, Lecture Notes in Computer Science.

[20]  Alfred Menezes,et al.  Software Implementation of the NIST Elliptic Curves Over Prime Fields , 2001, CT-RSA.

[21]  David Naccache,et al.  Topics in Cryptology — CT-RSA 2001 , 2001, Lecture Notes in Computer Science.

[22]  Nigel P. Smart,et al.  Preventing SPA/DPA in ECC Systems Using the Jacobi Form , 2001, CHES.

[23]  Yvo Desmedt,et al.  Advances in Cryptology — CRYPTO ’94 , 2001, Lecture Notes in Computer Science.

[24]  Marc Joye,et al.  Hessian Elliptic Curves and Side-Channel Attacks , 2001, CHES.

[25]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[26]  David Naccache,et al.  Cryptographic Hardware and Embedded Systems — CHES 2001 , 2001 .