Same Values Power Analysis Using Special Points on Elliptic Curves

Elliptic Curve Cryptosystems (ECC) on Smart-Cards can be vulnerable to Side Channel Attacks such as the Simple Power Analysis (SPA) or the Differential Power Analysis (DPA) if they are not carefully implemented. Goubin proposed a variant of the DPA using the point (0, y ). This point is randomized neither by projective coordinates nor by isomorphic class. Akishita and Takagi extended this attack by considering not only points with a zero coordinate, but also points containing a zero value on intermediate registers during doubling and addition formulas. This attack increases the number of possible special points on elliptic curve that need a particular attention. In this paper, we introduce a new attack based on special points that show up internal collision power analysis. This attack increases more the number of possible special points on elliptic curve that need a particular attention. Like Goubin's attack and Akishita and Takagi's attack, our attack works if a fixed scalar is used and the attacker can chose the base point.

[1]  Tsuyoshi Takagi,et al.  On the Optimal Parameter Choice for Elliptic Curve Cryptosystems Using Isogeny , 2004, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[2]  Nigel P. Smart,et al.  An Analysis of Goubin's Refined Power Analysis Attack , 2003, CHES.

[3]  Christof Paar,et al.  A New Class of Collision Attacks and Its Application to DES , 2003, FSE.

[4]  Frédéric Valette,et al.  The Doubling Attack - Why Upwards Is Better than Downwards , 2003, CHES.

[5]  Marc Joye,et al.  (Virtually) Free Randomization Techniques for Elliptic Curve Cryptography , 2003, ICICS.

[6]  Christophe Clavier,et al.  Improved Collision-Correlation Power Analysis on First Order Protected AES , 2011, CHES.

[7]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[8]  JaeCheol Ha,et al.  Power Analysis by Exploiting Chosen Message and Internal Collisions - Vulnerability of Checking Mechanism for RSA-Decryption , 2005, Mycrypt.

[9]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[10]  Tsuyoshi Takagi,et al.  Cryptographic Hardware and Embedded Systems - CHES 2011 - 13th International Workshop, Nara, Japan, September 28 - October 1, 2011. Proceedings , 2011, CHES.

[11]  Tsuyoshi Takagi,et al.  Zero-Value Point Attacks on Elliptic Curve Cryptosystem , 2003, ISC.

[12]  Louis Goubin,et al.  A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems , 2003, Public Key Cryptography.

[13]  Gerhard Goos,et al.  Fast Software Encryption , 2001, Lecture Notes in Computer Science.

[14]  Frederik Vercauteren,et al.  To Infinity and Beyond: Combined Attack on ECC Using Points of Low Order , 2011, CHES.

[15]  David Naccache,et al.  Cryptographic Hardware and Embedded Systems — CHES 2001 , 2001 .

[16]  Marc Joye,et al.  Protections against Differential Analysis for Elliptic Curve Cryptography , 2001, CHES.

[17]  Jianying Zhou,et al.  Information and Communications Security , 2013, Lecture Notes in Computer Science.

[18]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[19]  Aggelos Kiayias,et al.  Efficient Secure Group Signatures with Dynamic Joins and Keeping Anonymity Against Group Managers , 2005, Mycrypt.

[20]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2003 , 2003, Lecture Notes in Computer Science.