Review of Side Channel Attacks and Countermeasures on ECC, RSA, and AES Cryptosystems

Many recent revolutionary technologies and advances in wireless communication and networking have changed people's lives all over the globe. The widespread use of the Internet and of smart mobile devices, which are equipped with wireless technologies to access the Internet, eases electronic communication between devices. Such communication involves sharing and transferring sensitive and personal information that must be kept protected. Therefore, there is an increasing need to secure individuals and organizations, which is challenging for communication and networking systems. For many years, cryptographic algorithms have been used to ensure security in communication channels and networks. These algorithms are supposed to ensure authentication, data integrity, confidentiality and access control. However, several attacks threaten their functions and implementations, mainly Side Channel Attacks. Compromising the security of these algorithms therefore implies compromising the security of the communication systems that use them. Among the best-known symmetric encryption algorithms is AES, which is used in several applications. In the same context, the most used asymmetric encryption systems are ECC and RSA. In this research we present the most recent Side Channel Attacks on ECC, RSA and AES. Moreover, we discuss the most effective countermeasures for protecting these cryptosystems against cyber-attacks.
