Elliptic Curve Public Key Cryptosystems
Elliptic curve cryptosystems in the presence of faults were studied by Biehl et al., Advances in Cryptology, CRYPTO 2000, Springer Verlag (2000), pp. 131-146. The first fault model they consider requires that the input point P in the computation of dP be chosen by the adversary. Their second and third fault models only require knowledge of P. But these two latter models are less 'practical' in the sense that they assume that only a few bits of error are inserted (typically exactly one bit is supposed to be disturbed), either into P just prior to the point multiplication or during the course of the computation in a chosen location.

This paper relaxes these assumptions and shows how random (and thus unknown) errors in either coordinate of point P, in the elliptic curve parameters or in the field representation enable the (partial) recovery of multiplier d. Then, from multiple point multiplications, we explain how this can be turned into a total key recovery. Simple precautions to prevent the leakage of secrets are also discussed.
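The abstract mentions simple precautions without listing them. As an added example (not code from the paper), the sketch below shows one widely used precaution on a constructed toy curve: checking that the result of dP still lies on the curve before releasing it. The curve, `BASE`, `release` and the `inject` hook are assumptions made for illustration, and the paper's own countermeasures may differ.

```python
# Toy parameters, constructed for illustration (far too small for real use).
P_MOD, A, B = 97, 2, 3      # curve y^2 = x^3 + A*x + B over GF(97)
BASE = (3, 6)               # 6^2 = 36 = 27 + 6 + 3, so BASE is on the curve

def on_curve(pt):
    """True if pt satisfies the curve equation (None = point at infinity)."""
    if pt is None:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0

def add(p1, p2):
    """Affine addition. B never appears here, so a corrupted point is
    silently processed on the different curve that it happens to lie on."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P_MOD, -1, P_MOD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def scalar_mult(d, pt):
    """Right-to-left double-and-add."""
    acc = None
    while d:
        if d & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        d >>= 1
    return acc

def release(d, pt, inject=lambda q: q):
    """Validate the input, compute d*pt, validate the output before release.
    `inject` (hypothetical hook) models a fault that corrupts the stored
    point after the input check has already passed."""
    if pt is None or not on_curve(pt):
        raise ValueError("input point is not on the curve")
    result = scalar_mult(d, inject(pt))
    if not on_curve(result):
        raise ValueError("fault detected: result is not on the curve")
    return result
```

With the low bit of the y-coordinate flipped, `release(3, BASE, inject=lambda q: (q[0], q[1] ^ 1))` raises `ValueError` instead of returning the off-curve point (37, 20).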