Distinguishing Exponent Digits by Observing Modular Subtractions
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Precise Bounds for Montgomery Modular Multiplication and Some Potentially Insecure RSA Moduli
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
MIST: An Efficient, Randomized Exponentiation Algorithm for Resisting Power Analysis
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Power Analysis Attacks of Modular Exponentiation in Smartcards
CHES '99 Proceedings of the First International Workshop on Cryptographic Hardware and Embedded Systems
Randomized Signed-Scalar Multiplication of ECC to Resist Power Attacks
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Secure Elliptic Curve Implementations: An Analysis of Resistance to Power-Attacks in a DSP Processor
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
DPA Countermeasures by Improving the Window Method
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Improved Elliptic Curve Multiplication Methods Resistant against Side Channel Attacks
INDOCRYPT '02 Proceedings of the Third International Conference on Cryptology: Progress in Cryptology
Recovering Secret Keys from Weak Side Channel Traces of Differing Lengths
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Optimal Recovery of Secret Keys from Weak Side Channel Traces
Cryptography and Coding '09 Proceedings of the 12th IMA International Conference on Cryptography and Coding
A random M-ary method based countermeasure against side channel attacks
ICCSA'03 Proceedings of the 2003 international conference on Computational science and its applications: PartII
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Fast elliptic curve arithmetic and improved weil pairing evaluation
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Simple backdoors for RSA key generation
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Further hidden markov model cryptanalysis
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
Digit set randomization in elliptic curve cryptography
SAGA'07 Proceedings of the 4th international conference on Stochastic Algorithms: foundations and applications
| Hi-index | 0.00 |
In smartcard encryption and signature applications, randomised algorithms are used to increase tamper resistance against attacks beased on side channel leakage. Recently several such algorithms have appeared which are suitable for RSA exponentiation and/or EOC point multiplication. We show that under certain apparently reasonable hypotheses about the countermeasures in place and the attacker's monitoring equipment, repeated use of the same secret key with the algorithm of Liardet and Smart is insecure against any side channel which leaks enough data to differentiate between the adds and doubles in a single scalar multiplication. Thus the scalar needs to be blinded in the standard way, or some other suitable counter-measures employed, if the algorithm is to be used safely in such a context.