A Simple Power Attack on a Randomized Addition-Subtraction Chains Method for Elliptic Curve Cryptosystems
Abstract
We show that a randomized addition-subtraction chains countermeasure against side channel attacks is vulnerable to an SPA attack, which is a kind of side channel attack, under distinguishability between addition and doubling. The side channel attack takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure was proposed by Oswald-Aigner, and is based on a random decision inserted into computations. However, the question of its immunity to side channel attacks is still controversial. The randomized addition-subtraction chains countermeasure has a security flaw in timing attacks, another kind of side channel attack. We have implemented the proposed attack algorithm, whose input is a set of AD sequences, which consist of the characters "A" and "D" to indicate addition and doubling, respectively. Our program has clarified the effectiveness of the attack. The attack algorithm could actually detect secret scalars for given AD sequences. The average time to detect a 160-bit scalar was about 6 milliseconds, and only 30 AD sequences were enough to detect such a scalar. Compared with other countermeasures against side channel attacks, the randomized addition-subtraction chains countermeasure is much slower.
- Paper of the Institute of Electronics, Information and Communication Engineers (IEICE)
- 2003-05-01
Authors
- Okeya Katsuyuki, The Systems Development Laboratory, Hitachi Ltd.
- Sakurai Kouichi, Faculty of Information Science and Electrical Engineering, Kyushu University
- Sakurai Kouichi, Faculty of Computer Science and Communication Engineering, Kyushu University
Related papers
- A Collaborative Role-Based Access Control for Trusted Operating Systems in Distributed Environment(Application)(Cryptography and Information Security)
- Usage Control Model and Architecture for Data Confidentiality in a Database Service Provider(Network Security)
- 1-out-of-L E-voting System with Efficient Computational Complexity Based on r-th Residue Encryption
- A-7-21 Security Policy Pre-evaluation towards Risk Analysis
- Securing provenance by distributing the provenance storage (Multimedia Communication and Distributed Processing, Computer Security)
- Use of Montgomery Trick in Precomputation of Multi-Scalar Multiplication in Elliptic Curve Cryptosystems(Special Section on Cryptography and Information Security)
- PGV-Style Block-Cipher-Based Hash Families and Black-Box Analysis(Symmetric Key Cryptography)(Cryptography and Information Security)
- A Simple Power Attack on a Randomized Addition-Subtraction Chains Method for Elliptic Curve Cryptosystems
- Analysis and Design of SHA-V and RIPEMD-V with Variable Output-Length
- Simple Power Analysis on Fast Modular Reduction with Generalized Mersenne Prime for Elliptic Curve Cryptosystems(Side Channel Analysis, Cryptography and Information Security)
- Enhancing Airport Access Control Security with Multiple Biometrics Contactless Smart Card (Special Issue: Computer Security Technologies Confronting New Threats)
- An Efficient Representation of Scalars for Simultaneous Elliptic Scalar Multiplication
- Usage Control Model and Architecture for Data Confidentiality in a Database Service Provider