Securing the Elliptic Curve Montgomery Ladder against Fault Attacks

The Montgomery ladder method of computing elliptic curve scalar multiplication is esteemed as an efficient algorithm, inherently resistant to simple side-channel attacks as well as to various fault attacks. In FDTC 08, Fouque et al. present an attack on the Montgomery ladder in the presence of a point validation countermeasure, when the $y$-coordinate is not used. In this paper, we present an efficient countermeasure that renders the algorithm resistant to this attack as well as to other known fault attacks.
