Cryptanalysis of Ha-Moon's Countermeasure of Randomized Signed Scalar Multiplication (<Special Section> Discrete Mathematics and Its Applications)
Abstract
Side channel attacks (SCA) are serious attacks on mobile devices. In SCA, the attacker can observe the side channel information while the device performs the cryptographic operations, and he/she can detect the secret stored in the device using such side channel information. Ha-Moon proposed a novel countermeasure against side channel attacks in elliptic curve cryptosystems (ECC). The countermeasure is based on signed scalar multiplication with a randomized concept, and does not pay a speed penalty. Ha-Moon proved theoretically that the countermeasure is secure against side channel attacks, and confirmed its immunity experimentally. Thus Ha-Moon's countermeasure seems to be very attractive. In this paper we propose a novel attack against Ha-Moon's countermeasure, and show that the countermeasure is vulnerable to the proposed attack. The proposed attack utilizes a Markov chain for detecting the secret. The attacker determines the transitions in the Markov chain using side channel information, then detects the relation between two consecutive bits of the secret key, instead of the bits of the secret key themselves. The use of such relations drastically reduces the search space for the secret key, and the attacker can easily reveal the secret. In fact, around twenty observations of execution of the countermeasure are sufficient to detect the secret in the case of the standard sizes of ECC. Therefore, the single use of Ha-Moon's countermeasure is not recommended for cryptographic use.
- Paper of the Institute of Electronics, Information and Communication Engineers (IEICE)
- 2005-05-01
Authors
- OKEYA Katsuyuki, Systems Development Laboratory, Hitachi Ltd.
- Okeya Katsuyuki, Systems Development Laboratory Hitachi Ltd.
- Han Dong‐guk, Kookmin Univ. Seoul Kor
- Han Dong, Center For Information And Security Technologies (CIST) Korea University
Related papers
- Recursive Double-Size Modular Multiplications from Euclidean and Montgomery Multipliers
- Faster Double-Size Bipartite Multiplication out of Montgomery Multipliers
- Montgomery Multiplication with Twice the Bit-Length of Multipliers
- Use of Montgomery Trick in Precomputation of Multi-Scalar Multiplication in Elliptic Curve Cryptosystems(Special Section on Cryptography and Information Security)
- TinyECCK16 : An Efficient Field Multiplication Algorithm on 16-bit Environment and Its Application to Tmote Sky Sensor Motes
- TinyECCK : Efficient Elliptic Curve Cryptography Implementation over GF(2^m) on 8-Bit Micaz Mote
- SCA-Resistant and Fast Elliptic Scalar Multiplication Based on wNAF (Asymmetric Cipher) (Cryptography and Information Security)
- Defeating Simple Power Analysis on Koblitz Curves(Discrete Mathematics and Its Applications)
- Security Analysis of the SPA-Resistant Fractional Width Method(Elliptic Curve Cryptography, Cryptography and Information Security)
- Cryptanalysis of Ha-Moon's Countermeasure of Randomized Signed Scalar Multiplication(Discrete Mathematics and Its Applications)
- Side Channel Attacks against Hash-Based MACs with PGV Compression Functions
- On the Importance of Protecting Δ in SFLASH against Side Channel Attacks(Tamper-Resistance)(Cryptography and Information Security)
- A New Upper Bound for the Minimal Density of Joint Representations in Elliptic Curve Cryptosystems(Discrete Mathematics and Its Applications)
- Acceleration of Differential Power Analysis through the Parallel Use of GPU and CPU
- Side Channel Cryptanalysis on XTR Public Key Cryptosystem(Discrete Mathematics and Its Applications)
- A More Compact Representation of XTR Cryptosystem
- Efficient Implementation of Pairing-Based Cryptography on a Sensor Node