Elliptic curves in cryptography
Elliptic curves in cryptography
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Differential Fault Attacks on Elliptic Curve Cryptosystems
CRYPTO '00 Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology
Efficient Elliptic Curve Exponentiation Using Mixed Coordinates
ASIACRYPT '98 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
Elliptic Curves with the Montgomery-Form and Their Cryptographic Applications
PKC '00 Proceedings of the Third International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Weierstraß Elliptic Curves and Side-Channel Attacks
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
Preventing SPA/DPA in ECC Systems Using the Jacobi Form
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Hessian Elliptic Curves and Side-Channel Attacks
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
The Hessian Form of an Elliptic Curve
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Twisted Edwards Curves Revisited
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
CT-RSA'11 Proceedings of the 11th international conference on Topics in cryptology: CT-RSA 2011
FPGA implementation of binary edwards curve usingternary representation
Proceedings of the 21st edition of the great lakes symposium on Great lakes symposium on VLSI
On XTR and side-channel analysis
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
Power analysis to ECC using differential power between multiplication and squaring
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Novel efficient implementations of hyperelliptic curve cryptosystems using degenerate divisors
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Integration, the VLSI Journal
High-Speed unified elliptic curve cryptosystem on FPGAs using binary huff curves
VDAT'12 Proceedings of the 16th international conference on Progress in VLSI Design and Test
Low-Cost countermeasure against RPA
CARDIS'12 Proceedings of the 11th international conference on Smart Card Research and Advanced Applications
Elligator: elliptic-curve points indistinguishable from uniform random strings
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
On the implementation of unified arithmetic on binary huff curves
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Hi-index | 0.00 |
The scalar multiplication of elliptic curve based cryptosystems (ECC) is computed by repeatedly calling the addition formula that calculates the elliptic curve addition of two points. The addition formula involves several exceptional procedures so that implementers have to carefully consider their treatments. In this paper we study the exceptional procedure attack, which reveals the secret scalar using the error arisen from the exceptional procedures. Recently new forms of elliptic curves and addition formulas for ECC have been proposed, namely the Montgomery form, the Jacobi form, the Hessian form, and the Brier-Joye addition formula. They aim at improving security or efficiency of the underlying scalar multiplications. We analyze the effectiveness of the exceptional procedure attack to some addition formulas. We conclude that the exceptional procedure attack is infeasible against the curves whose order are prime, i.e., the recommended curves by several standards. However, the exceptional procedure attack on the Brier-Joye addition formula is feasible, because it yields non-standard exceptional points. We propose an attack that revealsa few bitso f the secret scalar, provided that this multiplier is constant and fixed. By the experiment over the standard elliptic curves, we have found many non-standard exceptional points even though the standard addition formula over the curves has no exceptional point. When a new addition formula isde veloped, we should be cautious about the proposed attack.