Coordinate Blinding over Large Prime Fields

In this paper we propose a multiplicative blinding scheme for protecting implementations of scalar multiplication over elliptic curves. Specifically, this blinding method applies to elliptic curves in the short Weierstrass form over large prime fields. The described countermeasure is shown to be a generalization of the use of random curve isomorphisms to prevent side-channel analysis, and our best configuration of this countermeasure is shown to be equivalent to the use of random curve isomorphisms. Furthermore, we describe how this countermeasure, and therefore random curve isomorphisms, can be efficiently implemented using Montgomery multiplication.
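The random curve isomorphism countermeasure that the abstract compares this scheme to, sketched in Python as an added example (not code from the paper): a random u maps the curve y^2 = x^3 + ax + b to a' = u^4 a, b' = u^6 b and each point (x, y) to (u^2 x, u^3 y), so every intermediate value is randomized per execution. It assumes NIST P-256 parameters and a plain double-and-add loop; the function names are illustrative, and the paper's own blinding configuration and its Montgomery-multiplication implementation are not reproduced here.

```python
import secrets

# NIST P-256: short Weierstrass curve y^2 = x^3 + a*x + b over F_p (assumed for this example).
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def on_curve(pt, a, b):
    x, y = pt
    return (y * y - (x * x * x + a * x + b)) % P == 0

def add(p1, p2, a):
    """Affine group law; None is the point at infinity. Note that b is never used."""
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + a) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

def scalar_mult(k, pt, a):
    """Left-to-right double-and-add (not constant time; illustration only)."""
    acc = None
    for bit in bin(k)[2:]:
        acc = add(acc, acc, a)
        if bit == "1":
            acc = add(acc, pt, a)
    return acc

def blind(pt, u):
    """Apply (x, y) -> (u^2 x, u^3 y); return blinded point, a' = u^4 a, b' = u^6 b."""
    u2, u3 = pow(u, 2, P), pow(u, 3, P)
    return (u2 * pt[0] % P, u3 * pt[1] % P), pow(u, 4, P) * A % P, pow(u, 6, P) * B % P

def blinded_scalar_mult(k, pt, u=None):
    """Compute k*pt on a randomly chosen isomorphic curve, then map the result back."""
    u = u or secrets.randbelow(P - 1) + 1      # fresh random u in [1, p-1] per call
    pt_b, a_b, _ = blind(pt, u)
    res = scalar_mult(k, pt_b, a_b)
    if res is None: return None
    inv = pow(u, -1, P)
    return (res[0] * pow(inv, 2, P) % P, res[1] * pow(inv, 3, P) % P)
```

After blinding, a' is in general no longer -3, so doubling formulas specialized for a = -3 cannot be used on the isomorphic curve.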
