Low-Cost Countermeasure against RPA

On smart-cards, Elliptic Curve Cryptosystems (ECC) can be vulnerable to Side Channel Attacks such as the Refined Power Analysis (RPA). This attack takes advantage of the apparition of special points of the form (0, y). In this paper, we propose a new countermeasure based on co-Z formulae and an extension of the curve isomorphism countermeasure. It permits to transform the base point P=(x, y) into a base point P′=(0, y′), which, with −P′, are the only points with a zero X-coordinate. In such case, the RPA cannot be applied. Moreover, the cost of this countermeasure is very low compared to other countermeasures against RPA.

[1]  Marc Joye,et al.  Memory-Constrained Implementations of Elliptic Curve Cryptography in Co-Z Coordinate Representation , 2011, AFRICACRYPT.

[2]  Louis Goubin,et al.  A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems , 2003, Public Key Cryptography.

[3]  Kouichi Itoh,et al.  Efficient Countermeasures against Power Analysis for Elliptic Curve Cryptosystems , 2004, CARDIS.

[4]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[5]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[6]  David Naccache,et al.  Cryptographic Hardware and Embedded Systems — CHES 2001 , 2001 .

[7]  T. Takagi,et al.  Exceptional Procedure Attackon Elliptic Curve Cryptosystems , 2003 .

[8]  Marc Joye,et al.  Highly Regular Right-to-Left Algorithms for Scalar Multiplication , 2007, CHES.

[9]  Marc Joye,et al.  Scalar multiplication on Weierstraß elliptic curves from Co-Z arithmetic , 2011, Journal of Cryptographic Engineering.

[10]  Jean-Sébastien Coron,et al.  Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems , 1999, CHES.

[11]  Kouichi Sakurai,et al.  Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack , 2000, INDOCRYPT.

[12]  Tsuyoshi Takagi,et al.  On the Optimal Parameter Choice for Elliptic Curve Cryptosystems Using Isogeny , 2004, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[13]  Siva Sai Yerubandi,et al.  Differential Power Analysis , 2002 .

[14]  P. Kocher,et al.  Di erential Power Analysis , 1999 .

[15]  Marc Joye,et al.  Fast Point Multiplication on Elliptic Curves through Isogenies , 2003, AAECC.

[16]  Nicolas Meloni,et al.  New Point Addition Formulae for ECC Applications , 2007, WAIFI.

[17]  Marc Joye,et al.  (Virtually) Free Randomization Techniques for Elliptic Curve Cryptography , 2003, ICICS.

[18]  Tsuyoshi Takagi,et al.  Exceptional Procedure Attack on Elliptic Curve Cryptosystems , 2003, Public Key Cryptography.

[19]  Ingrid Verbauwhede,et al.  Cryptographic Hardware and Embedded Systems - CHES 2007, 9th International Workshop, Vienna, Austria, September 10-13, 2007, Proceedings , 2007, CHES.

[20]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[21]  Bimal Roy,et al.  Progress in Cryptology —INDOCRYPT 2000 , 2002, Lecture Notes in Computer Science.

[22]  Aggelos Kiayias,et al.  BiTR: Built-in Tamper Resilience , 2011, IACR Cryptol. ePrint Arch..

[23]  David Pointcheval,et al.  Progress in Cryptology - AFRICACRYPT 2011 - 4th International Conference on Cryptology in Africa, Dakar, Senegal, July 5-7, 2011. Proceedings , 2011, AFRICACRYPT.

[24]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2003 , 2003, Lecture Notes in Computer Science.

[25]  Alfred Menezes,et al.  Elliptic curve public key cryptosystems , 1993, The Kluwer international series in engineering and computer science.

[26]  Atsuko Miyaji,et al.  Efficient Countermeasures against RPA, DPA, and SPA , 2004, CHES.

[27]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[28]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[29]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[30]  Marc Joye,et al.  The Montgomery Powering Ladder , 2002, CHES.

[31]  Nigel P. Smart,et al.  An Analysis of Goubin's Refined Power Analysis Attack , 2003, CHES.

[32]  Tsuyoshi Takagi,et al.  Zero-Value Point Attacks on Elliptic Curve Cryptosystem , 2003, ISC.

[33]  Marc Joye,et al.  Protections against Differential Analysis for Elliptic Curve Cryptography , 2001, CHES.

[34]  Marc Joye,et al.  Co-Z Addition Formulæ and Binary Ladders on Elliptic Curves - (Extended Abstract) , 2010, CHES.

[35]  Shu Lin,et al.  Applied Algebra, Algebraic Algorithms and Error-Correcting Codes , 1999, Lecture Notes in Computer Science.

[36]  Stefan Mangard,et al.  Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop, Santa Barbara, CA, USA, August 17-20, 2010. Proceedings , 2010, CHES.

[37]  Marc Joye Smart-Card Implementation of Elliptic Curve Cryptography and DPA-type Attacks , 2004, CARDIS.

[38]  Marc Joye,et al.  Cryptographic Hardware and Embedded Systems - CHES 2004 , 2004, Lecture Notes in Computer Science.

[39]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[40]  C. Small Arithmetic of Finite Fields , 1991 .

[41]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[42]  Jianying Zhou,et al.  Information and Communications Security , 2013, Lecture Notes in Computer Science.