A Countermeasure against One Physical Cryptanalysis May Benefit Another Attack
ICISC '01 Proceedings of the 4th International Conference Seoul on Information Security and Cryptology
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Power Analysis Attacks of Modular Exponentiation in Smartcards
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Electromagnetic Analysis: Concrete Results
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Randomized Signed-Scalar Multiplication of ECC to Resist Power Attacks
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Improvement on ha-moon randomized exponentiation algorithm
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Digit set randomization in elliptic curve cryptography
SAGA'07 Proceedings of the 4th international conference on Stochastic Algorithms: foundations and applications
SPA countermeasure based on unsigned left-to-right recodings
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Hi-index | 0.00 |
The Ha-Moon algorithm [4] is a countermeasure against power analysis using a randomized addition chain. It has two drawbacks in that it requires an inversion and has a right-to-left approach. Recently, Yen et al. improved the algorithm by removing these drawbacks [11]. Their new algorithm is inversion-free, has a left-to-right approach, and employs a window method. They insisted that their algorithm leads to a more secure countermeasure in computing modular exponentiation against side-channel attacks. This algorithm, however, still has a similar weakness observed in [2, 10]. This paper shows that the improved Ha-Moon algorithm is vulnerable to differential power analysis even if we employ their method in selecting si.