Efficient countermeasures for thwarting the SCA attacks on the frobenius based methods

  • Authors: Mustapha Hedabou
  • Affiliations: INSA de Toulouse, LESIA, Toulouse, France
  • Venue: IMA'05 Proceedings of the 10th international conference on Cryptography and Coding
  • Year: 2005

Abstract

The Frobenius endomorphism τ is known to be useful for efficient scalar multiplication on elliptic curves defined over a field with small characteristic ($E(\mathbb{F}_{q^m})$). However, on devices with small resources, scalar multiplication algorithms using Frobenius are, as the usual double-and-add algorithms, vulnerable to Side Channel Attacks (SCA). The more successful countermeasure for thwarting the SCA attacks on the Frobenius-based τ-adic method seems to be the multiplier randomization technique introduced by Joye and Tymen. This technique increases the computational time by about 25%. In this paper, we propose two efficient countermeasures against SCA attacks, including the powerful RPA and ZPA attacks. First, we propose to adapt the Randomized Initial Point technique (RIP) to the τ-adic method for Koblitz curves with trace 1 by using a small precomputed table (only 3 points stored). We present also an efficient fixed base τ-adic method SCA-resistant based on the Lim and Lee technique. For this purpose we modify the τ-NAF representation of the secret scalar in order to obtain a new sequence of non-zero bit-strings. This, combined with the use of Randomized Linearly-transformed coordinates (RLC), will prevent the SCA attacks on the fixed base τ-adic method, including RPA and ZPA. Furthermore, our algorithm optimizes both the size of the precomputed table and the computation time. Indeed, we only store $2^{w-1}$ points instead of $\frac{3^w - 1}{2}$ for the fixed-base τ-adic method, with a more advantageous running time.