Balanced point operations for side-channel protection of elliptic curve cryptography

The authors propose balanced algorithms for elliptic curve cryptography (ECC). They make point addition and point doubling balanced; that is, both are implemented as identical sequences of operations. As an example, the authors implement an ECC point multiplication algorithm, using the approach of Montgomery, for which a single power trace exposes neither the Hamming weight nor the bits of the secret key. Their field-programmable gate array implementation is nevertheless compact and efficient. The proposed multiplier for the finite field operations is digit serial and scalable to arbitrary bit-lengths. The method calculates the result by splitting the multiplication into two separate processes. The architecture presented compares favourably with designs presented in the literature. Furthermore, the power consumption graphs show that the new implementation has an improved side-channel resistance.
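The scheduling property the abstract relies on can be checked in a small software model. The following is an added example, not code from the paper: it compares the operation schedule of double-and-add with that of a Montgomery ladder and confirms that only the ladder's schedule is the same for every key. The toy curve over F_97, the base point and all function names are assumptions made for the illustration; it does not model the paper's balanced field-level sequences or its hardware.

```python
# Toy curve y^2 = x^3 + 2x + 3 over F_97 (constructed parameters, not from the paper).
P_MOD, A = 97, 2
G = (3, 6)  # constructed base point: 6^2 = 36 = 3^3 + 2*3 + 3

def ec_add(P, Q):
    """Affine group law; None is the point at infinity. Handles P == Q (doubling)."""
    if P is None:
        return Q
    if Q is None:
        return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                      # P + (-P), or doubling a point with y = 0
    if P == Q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P_MOD, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def double_and_add(k, P, nbits):
    """Returns (k*P, schedule). An 'A' is scheduled only for 1-bits of k."""
    R, trace = None, ""
    for i in reversed(range(nbits)):
        R = ec_add(R, R); trace += "D"
        if (k >> i) & 1:
            R = ec_add(R, P); trace += "A"
    return R, trace

def montgomery_ladder(k, P, nbits):
    """Returns (k*P, schedule). Every bit costs one addition and one doubling.
    Invariant: R1 - R0 = P. The Python branch only models operand selection;
    it is not itself constant-time."""
    R0, R1, trace = None, P, ""
    for i in reversed(range(nbits)):
        if (k >> i) & 1:
            R0, R1 = ec_add(R0, R1), ec_add(R1, R1)
        else:
            R0, R1 = ec_add(R0, R0), ec_add(R0, R1)
        trace += "AD"
    return R0, trace

def distinct_traces(scalar_mul, nbits):
    """Set of schedules seen over every nbits-bit key; size 1 means key-independent."""
    return {scalar_mul(k, G, nbits)[1] for k in range(2 ** nbits)}

if __name__ == "__main__":
    print(len(distinct_traces(double_and_add, 6)), "schedules for double-and-add")
    print(len(distinct_traces(montgomery_ladder, 6)), "schedule for the ladder")
```

In the double-and-add schedule the number of `A` entries equals the Hamming weight of the key, which is the leak the balanced design is meant to remove.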
