论文信息 - Side-Channel Attack using Order 4 Element against Curve25519 on ATmega328P

Side-Channel Attack using Order 4 Element against Curve25519 on ATmega328P

With the matter of secure communication between devices, and especially for IoT devices, more and more applications need trustful protocols to communicate using public key cryptography. Elliptic curve cryptography is nowadays a very secure and efficient public key cryptography method. One of the most recent and secure curve is Curve25519 and one of its failure is attack on low-order elements during a Diffie-Hellman key exchange. This document demonstrates that an attack using an order 4 point is possible on an embedded system with a simple power analysis, pointing out every IoT using Curve255119 as a cryptographic method, a potential target to side-channel attacks.

[1] Daniel J. Bernstein,et al. Curve25519: New Diffie-Hellman Speed Records , 2006, Public Key Cryptography.

[2] Adi Shamir,et al. A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[3] Ian F. Blake,et al. Elliptic curves in cryptography , 1999 .

[4] Peter Schwabe,et al. High-speed Curve25519 on 8-bit, 16-bit, and 32-bit microcontrollers , 2015, Des. Codes Cryptogr..

[5] Eric Peeters,et al. Advanced DPA Theory and Practice , 2013 .

[6] Yuval Yarom,et al. May the Fourth Be With You: A Microarchitectural Side Channel Attack on Several Real-World Applications of Curve25519 , 2017, CCS.

[7] N. Koblitz. Elliptic curve cryptosystems , 1987 .

[8] P. L. Montgomery. Speeding the Pollard and elliptic curve methods of factorization , 1987 .

[9] Victor S. Miller,et al. Use of Elliptic Curves in Cryptography , 1985, CRYPTO.