SCA resistant parallel explicit formula for addition and doubling of divisors in the jacobian of hyperelliptic curves of genus 2

  • Authors:

  • Tanja Lange;Pradeep Kumar Mishra

  • Affiliations:

  • Department of Mathematics, Technical University of Denmark, Kgs. Lyngby, Denmark;Centre for Information Security and Cryptography (CISaC), University of Calgary, Calgary, AB, Canada

  • Venue:
  • INDOCRYPT'05 Proceedings of the 6th international conference on Cryptology in India
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

Hyperelliptic curve cryptosystems (HECC) can be implemented on a variety of computing devices, starting from smart cards to high end workstations. Side-channel attacks are one of the most potential threats against low genus HECC. Thus efficient algorithms resistant against side channel attacks are the need of the hour. In the current work we provide implementation ready formulae for addition and doubling on curves of genus 2 which are shielded against simple side-channel analysis by having a uniform performance. This is achieved by applying the concept of side-channel atomicity – introducing cheap dummy operations to make all traces look identical. So far a detailed study of countermeasures against side-channel attacks exists only for differential attacks. There one assumes that the performance is made predictable by other means. But apart from the double-and-alway-add approach only generalizations of the Montgomery form were suggested and only for odd characteristic. They are less efficient and do not combine well with some of the countermeasures against differential attacks. Hence, our contribution closes the gap to achieve secured implementations of HECC on devices exposed to side-channel attacks. To increase the performance even further we show how our formulae can be implemented in parallel on two multipliers using a low number of registers. It is also possible to combine our method with precomputations.