We present an investigation into the security of three practical pairing algorithms, the Tate, truncated Eta (ηT) and Ate pairings, in terms of side-channel vulnerability. These three algorithms have recently been shown to be efficiently computable on the resource-constrained smart card; however, no in-depth side-channel analysis of these specific pairing implementations has yet appeared in the literature. We assess these algorithms along two main avenues of attack, since the secret parameter input to the pairing can potentially be entered in two possible positions, i.e. e(P,Q) or e(Q,P), where P is public and Q is private. We analyse the core operations fundamental to pairings and propose how they can be attacked in a computationally efficient way. Building on this, we show how each implementation may potentially succumb to a side-channel attack and demonstrate how one path is more susceptible than the other in Tate and Ate. For those who wish to deploy pairing-based systems, we make a simple suggestion to improve resistance to side-channel attacks.