An updated survey on secure ECC implementations: Attacks, countermeasures and cost

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6805 LNCS, Issue , 2012, Pages 265-282

  Fan, Junfeng ^a   Verbauwhede, Ingrid ^a  

^a UNIVERSITY OF LEUVEN   (Belgium)

Author keywords

Elliptic curve cryptosystems; fault attacks; side channel attacks

Indexed keywords

ATTACK METHODS; CRYPTOGRAPHIC PRIMITIVES; EARLY DESIGN STAGES; ELLIPTIC CURVE CRYPTOGRAPHY; ELLIPTIC CURVE CRYPTOSYSTEMS; FAULT ATTACK; PHYSICAL ATTACKS; ROAD-MAPS; SIDE-CHANNEL ATTACKS; SYSTEM DESIGNERS;

SYSTEMS ANALYSIS;

CRYPTOGRAPHY;

EID: 84857697276     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-28368-0_18     Document Type: Article

References (50)

1. Akishita, T., Takagi, T.: Zero-Value Point Attacks Elliptic Curve Cryptosystem. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 218-233. Springer, Heidelberg (2003)
2. Avanzi, R.: Side Channel Attacks on Implementations of Curve-Based Cryptographic Primitives. Cryptology ePrint Archive, Report 2005 /017, http://eprint.iacr.org/
3. Avanzi, R.M., Cohen, H., Doche, C., Frey, G., Lange, T., Nguyen, K., Vercauteren, F.: Handbook of Elliptic and Hyperelliptic Curve Cryptography. CRC Press, Boca Raton (2005)
4. Baek, Y.-J., Vasyltsov, I.: How to Prevent DPA and Fault Attack in a Unified Way for ECC Scalar Multiplication -Ring Extension Method. In: Dawson, E., Wong, D.S. (eds.) ISPEC 2007. LNCS, vol. 4464, pp. 225-237. Springer, Heidelberg (2007) (Pubitemid 350259428)
5. Biehl, I., Meyer, B., Müller, V.: Differential Fault Attacks on Elliptic Curve Cryptosystems. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 131-146. Springer, Heidelberg (2000)
6. Blake, I., Seroussi, G., Smart, N., Cassels, J.W.S.: Advances in Elliptic Curve Cryptography. London Mathematical Society Lecture Note Series. Cambridge University Press, New York (2005)
7. Blömer, J., Otto, M., Seifert, J.-P.: Sign Change Fault Attacks on Elliptic Curve Cryptosystems. In: Breveglieri, L., Koren, I., Naccache, D., Seifert, J.-P. (eds.) FDTC 2006. LNCS, vol. 4236, pp. 36-52. Springer, Heidelberg (2006) (Pubitemid 44856613)
8. Brier, E., Joye, M.: Weierstraß Elliptic Curves and Side-Channel Attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335-345. Springer, Heidelberg (2002)
9. Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski Jr., B.S., Koç, Ç .K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13-28. Springer, Heidelberg (2003)
10. Chevallier-Mames, B., Ciet, M., Joye, M.: Low-Cost Solutions for Preventing Simple Side-Channel Analysis: Side-Channel Atomicity. IEEE Trans. Computers 53(6), 760-768 (2004)
11. Ciet, M., Joye, M.: (Virtually) Free Randomization Techniques for Elliptic Curve Cryptography. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 348-359. Springer, Heidelberg (2003)
12. Ciet, M., Joye, M.: Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults. Des. Codes Cryptography 36(1), 33-43 (2005) (Pubitemid 40666254)
13. Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal Correlation Analysis on Exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46-61. Springer, Heidelberg (2010)
14. Coron, J.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Koç, Ç .K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292-302. Springer, Heidelberg (1999)
15. Dominguez-Oviedo, A.: On Fault-based Attacks and Countermeasures for Elliptic Curve Cryptosystems. PhD thesis, University of Waterloo, Canada (2008)
16. Fan, J., Guo, X., De Mulder, E., Schaumont, P., Preneel, B., Verbauwhede, I.: State-of-the-art of Secure ECC Implementations: A Survey on Known Side-channel Attacks and Countermeasures. In: HOST, pp. 76-87. IEEE Computer Society, Los Alamitos (2010)
17. Fouque, P., Lercier, R., Réal, D., Valette, F.: Fault Attack on Elliptic Curve Montgomery Ladder Implementation. In: Fifth International Workshop on Fault Diagnosis and Tolerance in Cryptography -FDTC, pp. 92-98 (2008)
18. Fouque, P., Réal, D., Valette, F., Drissi, M.: The Carry Leakage on the Randomized Exponent Countermeasure. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 198-213. Springer, Heidelberg (2008)
19. Fouque, P.-A., Valette, F.: The Doubling Attack -Why Upwards Is Better than Downwards. In: Walter, C.D., Koç, Ç .K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 269-280. Springer, Heidelberg (2003)
20. Giraud, C.: An RSA Implementation Resistant to Fault Attacks and to Simple Power Analysis. IEEE Trans. Computers 55(9), 1116-1120 (2006) (Pubitemid 44263810)
21. Goubin, L.: A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 199-210. Springer, Heidelberg (2002) (Pubitemid 36137138)
22. Ha, J., Park, J., Moon, S., Yen, S.: Provably Secure Countermeasure Resistant to Several Types of Power Attack for ECC. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 333-344. Springer, Heidelberg (2008) (Pubitemid 351153994)
23. Herbst, C., Medwed, M.: Using Templates to Attack Masked Montgomery Ladder Implementations of Modular Exponentiation. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 1-13. Springer, Heidelberg (2009)
24. Homma, N., Miyamoto, A., Aoki, T., Satoh, A., Shamir, A.: Collision-based power analysis of modular exponentiation using chosen-message pairs. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 15-29. Springer, Heidelberg (2008)
25. Itoh, K., Izu, T., Takenaka, M.: Address-Bit Differential Power Analysis of Cryptographic Schemes OK-ECDH and OK-ECDSA. In: Kaliski Jr., B.S., Koç, Ç .K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 129-143. Springer, Heidelberg (2003)
26. Itoh, K., Izu, T., Takenaka, M.: A Practical Countermeasure against Address-Bit Differential Power Analysis. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 382-396. Springer, Heidelberg (2003)
27. Izumi, M., Ikegami, J., Sakiyama, K., Ohta, K.: Improved countermeasure against Address-bit DPA for ECC scalar multiplication. In: DATE, pp. 981-984. IEEE, Los Alamitos (2010)
28. Joye, M.: On the security of a unified countermeasure. In: FDTC 2008: Proceedings of the 5th Workshop on Fault Diagnosis and Tolerance in Cryptography, pp. 87-91. IEEE Computer Society, Los Alamitos (2008)
29. Joye, M., Tymen, C.: Protections against Differential Analysis for Elliptic Curve Cryptography. In: Koç, Ç .K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 377-390. Springer, Heidelberg (2001) (Pubitemid 33329078)
30. Joye, M., Yen, S.-M.: The Montgomery Powering Ladder. In: Kaliski Jr., B.S., Koç, Ç .K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291-302. Springer, Heidelberg (2003)
31. Karlof, C., Wagner, D.: Hidden Markov Model Cryptanalysis. In: Walter, C.D., Koç, Ç .K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 17-34. Springer, Heidelberg (2003)
32. Koblitz, N.: Elliptic Curve Cryptosystem. Math. Comp. 48, 203-209 (1987)
33. Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388-397. Springer, Heidelberg (1999)
34. Kömmerling, O., Kuhn, M.G.: Design principles for tamper-resistant smartcard processors. In: USENIX Workshop on Smartcard Technology -SmartCard 1999, pp. 9-20 (1999)
35. Mangard, S., Oswald, E., Popp, T.: Power analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)
36. May, D., Muller, H.L., Smart, N.P.: Random Register Renaming to Foil DPA. In: Koç, Ç .K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 28-38. Springer, Heidelberg (2001) (Pubitemid 33329051)
37. Medwed, M., Oswald, E.: Template Attacks on ECDSA. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 14-27. Springer, Heidelberg (2009)
38. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Power analysis attacks of modular exponentiation in smartcards. In: Koç, Ç .K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 144-157. Springer, Heidelberg (1999)
39. Miller, V.S.: Use of Elliptic Curves in Cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417-426. Springer, Heidelberg (1986)
40. Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Mathematics of Computation 48(177), 243-264 (1987)
41. De Mulder, E., Örs, S., Preneel, B., Verbauwhede, I.: Differential power and electromagnetic attacks on a FPGA implementation of elliptic curve cryptosystems. Computers & Electrical Engineering 33(5-6), 367-382 (2007) (Pubitemid 47374748)
42. Muller, F., Valette, F.: High-Order Attacks Against the Exponent Splitting Protection. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 315-329. Springer, Heidelberg (2006) (Pubitemid 44029590)
43. Nguyen, P.Q., Shparlinski, I.: The insecurity of the elliptic curve digital signature algorithm with partially known nonces. Des. Codes Cryptography 30(2), 201-217 (2003)
44. Okeya, K., Sakurai, K.: Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack. In: Roy, B., Okamoto, E. (eds.) INDOCRYPT 2000. LNCS, vol. 1977, pp. 178-190. Springer, Heidelberg (2000) (Pubitemid 33210849)
45. Smart, N.P.: An Analysis of Goubin's Refined Power Analysis Attack. In: Walter, C.D., Koç, Ç .K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 281-290. Springer, Heidelberg (2003)
46. Stebila, D., Thériault, N.: Unified Point Addition Formulæ and Side-Channel Attacks. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 354-368. Springer, Heidelberg (2006) (Pubitemid 44700069)
47. Vanstone, S.: Responses to NIST's proposal. Communications of the ACM 35, 50-52 (1992)
48. Walter, C.D.: Simple Power Analysis of Unified Code for ECC Double and Add. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 191-204. Springer, Heidelberg (2004)
49. Yen, S.M., Joye, M.: Checking Before Output Not Be Enough Against Fault-Based Cryptanalysis. IEEE Trans. Computers 49(9), 967-970 (2000)
50. Yen, S.-M., Ko, L.-C., Moon, S.-J., Ha, J.C.: Relative Doubling Attack Against Montgomery Ladder. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 117-128. Springer, Heidelberg (2006) (Pubitemid 44029528)