
T_SM: Elliptic Curve Scalar Multiplication Algorithm Secure Against Single-Trace Attacks

Conference paper, Information Security Practice and Experience (ISPEC 2018)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11125)

Abstract

At present, the Elliptic Curve Digital Signature Algorithm (ECDSA) is extensively used because it can be implemented more efficiently than RSA and the Digital Signature Algorithm (DSA) at the same security level. In particular, blockchain and Fast IDentity Online (FIDO), which are attracting attention as key infrastructure technologies for the fourth industrial revolution, use ECDSA. However, scalar multiplication, the main operation of ECDSA, has been reported to be vulnerable to side-channel attacks that use only a single trace. Notably, there is no perfectly secure countermeasure against the Collision Attack (CA), which is the main form of single-trace attack. As such attacks, CA in particular, become more sophisticated and powerful, countermeasures against them are required. Thus, in this paper, we propose a new scalar multiplication algorithm called the T_SM method. It is secure against Simple Power Analysis (SPA) and the Key Bit-dependent Attack (KBA). In particular, the T_SM method fully copes with CA. To the best of our knowledge, the T_SM method is the first countermeasure that addresses SPA, CA, and KBA together. Although it requires memory for pre-computation tables, it has a computational advantage when applied to cryptosystems such as ECDSA, whose ordinary scalar multiplication uses a fixed point P and a random scalar k. Its main operation consists of the smallest number of operations among existing scalar multiplication algorithms in which P is fixed.



Acknowledgments

This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No.2017-0-00520, Development of SCR-Friendly Symmetric Key Cryptosystem and Its Application Modes).

Author information

Corresponding author: Dong-Guk Han


Copyright information

© 2018 Springer Nature Switzerland AG

About this paper


Cite this paper

Sim, B.-Y., Choi, K.Y., Moon, D., Yoon, H.J., Cho, J., Han, D.-G. (2018). T_SM: Elliptic Curve Scalar Multiplication Algorithm Secure Against Single-Trace Attacks. In: Su, C., Kikuchi, H. (eds.) Information Security Practice and Experience. ISPEC 2018. Lecture Notes in Computer Science, vol. 11125. Springer, Cham. https://doi.org/10.1007/978-3-319-99807-7_25


  • DOI: https://doi.org/10.1007/978-3-319-99807-7_25


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-99806-0

  • Online ISBN: 978-3-319-99807-7

  • eBook Packages: Computer Science (R0)
