The importance of the final exponentiation in pairings when considering fault attacks

Authors:
Claire Whelan;Michael Scott
Affiliations:
School of Computing, Dublin City University, Dublin 9. Ireland;School of Computing, Dublin City University, Dublin 9. Ireland
Venue:
Pairing'07 Proceedings of the First international conference on Pairing-Based Cryptography
Year:
2007

Citing 10
Cited 6

Handbook of Applied Cryptography

Handbook of Applied Cryptography
Differential Power Analysis

CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Identity-Based Encryption from the Weil Pairing

CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Efficient Algorithms for Pairing-Based Cryptosystems

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Evidence that XTR Is More Secure than Supersingular Elliptic Curve Cryptosystems

EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
The Montgomery Powering Ladder

CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
The Weil Pairing, and Its Efficient Calculation

Journal of Cryptology
Implementing cryptographic pairings on smartcards

CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
Sign change fault attacks on elliptic curve cryptosystems

FDTC'06 Proceedings of the Third international conference on Fault Diagnosis and Tolerance in Cryptography
Computing the tate pairing

CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology

The Hidden Root Problem

Pairing '08 Proceedings of the 2nd international conference on Pairing-Based Cryptography
What about Vulnerability to a Fault Attack of the Miller's Algorithm During an Identity Based Protocol?

ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
An efficient countermeasure against side channel attacks for pairing computation

ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Fault attacks against the miller algorithm in hessian coordinates

Inscrypt'11 Proceedings of the 7th international conference on Information Security and Cryptology
Improved side channel attacks on pairing based cryptography

COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
Inverting the final exponentiation of tate pairings on ordinary elliptic curves using faults

CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

We investigate the possibilities for injecting faults on pairings and assess their consequences. We assess the effect of faults that seek to corrupt the data being operated on and show that pairings with either no or a straightforward final exponentiation are less secure than pairings with a more complex final exponentiation when considering such fault attacks. As evidence, we describe two types of fault attacks on the Weil and η pairing that recover the secret point, which cannot be applied to the Tate pairing. This can be accredited to its more complex final exponentiation.