Use of elliptic curves in cryptography
Lecture notes in computer sciences; 218 on Advances in cryptology---CRYPTO 85
Elliptic curves in cryptography
Elliptic curves in cryptography
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Efficient Elliptic Curve Exponentiation Using Mixed Coordinates
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Securing Elliptic Curve Point Multiplication against Side-Channel Attacks
ISC '01 Proceedings of the 4th International Conference on Information Security
Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Randomized Addition-Subtraction Chains as a Countermeasure against Power Attacks
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
A Practical Implementation of Elliptic Curve Cryptosystems over GF(p) on a 16-bit Microcomputer
PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
New Elliptic Curve Multi-scalar Multiplication Algorithm for a Pair of Integers to Resist SPA
Information Security and Cryptology
A random M-ary method based countermeasure against side channel attacks
ICCSA'03 Proceedings of the 2003 international conference on Computational science and its applications: PartII
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Fast elliptic curve arithmetic and improved weil pairing evaluation
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Hi-index | 0.00 |
Elliptic curve cryptosystems (ECCs) are becoming more popular because of the reduced number of key bits required in comparison to other cryptosystems (e.g. a 160 bit ECC has roughly the same security as 1024 bit RSA). ECCs are especially suited to smart cards because of the limited memory and computational power available on these devices. However, the side-channel attacks which have recently been proposed can obtain information about the cryptosystem by measuring side-channel information such as power consumption and processing time. This information may be used to break implementations that have not incorporated defences against these attacks. This paper presents a new defence against Simple Power Analysis (SPA). This new defence is based on the NAF (non-adjacent form) representation of a scalar and requires 44% fewer additions and 11% extra doublings than the commonly recommended defence of performing a point addition in every loop of the binary scalar multiplication algorithm.