Preventing SPA/DPA in ECC Systems Using the Jacobi Form
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Randomized Addition-Subtraction Chains as a Countermeasure against Power Attacks
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Hessian Elliptic Curves and Side-Channel Attacks
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Enhancing Simple Power-Analysis Attacks on Elliptic Curve Cryptosystems
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Some baby-step giant-step algorithms for the low hamming weight discrete logarithm problem
Mathematics of Computation
Advances in Elliptic Curve Cryptography (London Mathematical Society Lecture Note Series)
Advances in Elliptic Curve Cryptography (London Mathematical Society Lecture Note Series)
Breaking the liardet-smart randomized exponentiation algorithm
CARDIS'02 Proceedings of the 5th conference on Smart Card Research and Advanced Application Conference - Volume 5
Recovering Secret Keys from Weak Side Channel Traces of Differing Lengths
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Optimal Recovery of Secret Keys from Weak Side Channel Traces
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
Hi-index | 0.00 |
We extend the model of Karlof and Wagner for modelling side channel attacks via Input Driven Hidden Markov Models (IDHMM) to the case where not every state corresponds to a single observable symbol. This allows us to examine algorithms where errors in measurements can occur between sub-operations, e.g. there may be an error probability of distinguishing an add (A) versus a double (D) for an elliptic curve system. The prior work of Karlof and Wagner would assume the error was between distinguishing an add-double (AD) versus a double (D). Our model also allows the modelling of unknown values, where one is unable to determine whether a given observable is add or double, and is the first model to allow one to analyse incomplete traces. Hence, our extension allows a more realistic modelling of real side channel attacks. In addition we look at additional heuristic approaches to combine multiple traces together so as to deduce further information.