Profiling Attack on Modular Multiplication of Elliptic Curve Cryptography

Security of embedded devices is a constant challenge due to the development of new and powerful side-channel attack techniques. This paper proposes a new profiling method to attack ECC implementations that use the comb method; it exploits the leakage of modular multiplication during point addition operations. We analyze the decryption of SM2 in a smart IC card with Riscure's platform, and show how to improve the SNR of the power traces in a real attack situation. Experimental results show that the maximum success rate of template matching can reach 100%, which means that an adversary who obtains the template data can easily recover the 256-bit private key of SM2 by measuring only one trace, so key blinding cannot defend against this attack.
