Side Channel Cryptanalysis on XTR Public Key Cryptosystem*

  • Authors:

  • Dong-Guk Han;Tetsuya Izu;Jongin Lim;Kouichi Sakurai

  • Affiliations:

  • The authors are with Center for Information and Security Technologies(CIST), Korea University, Seoul, 136-701, Korea. E-mail: christa@korea.ac.krjilim@korea.ac.kr,;The author is with FUJITSU LABORATORIES Ltd., Kawasaki-shi, 211-8588 Japan. E-mail: izu@labs.fujitsu.com,;The authors are with Center for Information and Security Technologies(CIST), Korea University, Seoul, 136-701, Korea. E-mail: christa@korea.ac.krjilim@korea.ac.kr,;The author is with Computer Science and Communication Engineering, Fukuoka-shi, 812-8581 Japan. E-mail: sakurai@csce.kyushu-u.ac.jp

  • Venue:
  • IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

The XTR public key cryptosystem was introduced in 2000. XTR is suitable for a variety of environments including low-end smart cards, and is regarded as an excellent alternative to RSA and ECC. Moreover, it is remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as the timing attack and the differential power analysis (DPA). This paper investigates the security of side channel attack (SCA) on XTR. In this paper, we show the immunity of XTR-SE against the simple power analysis if the order of the computation of XTR-SE is carefully considered. In addition, we show that XTR-SE is vulnerable to the data-bit DPA, the address-bit DPA, the doubling attack, the modified refined power analysis, and the modified zero-value attack. Moreover, we propose some countermeasures against these attacks. We also show experimental results of the efficiency of the countermeasures. From our implementation results, if we compare XTR with ECC with countermeasures against "SCAs," we think XTR is as suitable to smart cards as ECC.