Abstract
At present, Elliptic Curve Digital Signature Algorithm (ECD-SA) is extensively used because its implementation can be achieved more efficiently with the same security level compared to RSA and Digital Signature Algorithm (DSA). In particular, blockchain and Fast IDentity Online (FIDO), which are attracting attention as key infrastructure technologies to lead the fourth industrial revolution, use ECDSA. However, scalar multiplication, which is the main operation of ECDSA, has been reported to be vulnerable to side-channel attacks that use only a single-trace. Notably, there is no perfectly secure countermeasure against Collision Attack (CA), which is the main form of attack using a single-trace. As the attacks become more and more sophisticated and powerful, such as CA, taking countermeasures against them is required. Thus, in this paper, we propose a new scalar multiplication algorithm called the T_SM method. It is secure against Simple Power Analysis (SPA) and Key Bit-dependent Attack (KBA). In particular, the T_SM method can fully cope with CA. To the best of our knowledge, the T_SM method is the first countermeasure against SPA, CA, and KBA. Although it requires memory for pre-computation tables, it has a computational advantage when we apply it to cryptosystems, such as ECDSA, which use ordinary scalar multiplication based on a fixed point P and random scalar k. The main operation consists of the smallest number of operations compared with existing scalar multiplication algorithms in which P is fixed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Belgarric, P., Fouque, P.-A., Macario-Rat, G., Tibouchi, M.: Side-channel analysis of Weierstrass and Koblitz curve ECDSA on Android smartphones. In: CT-RSA 2016 (2016)
Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal correlation analysis on exponentiation. In: Soriano, M., Qing, S., López, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46–61. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17650-0_5
Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48059-5_25
Diop, I., Liardet, P.Y., Maurine, P.: Collision based attacks in practice. In: DSD 2015, pp. 367–374 (2015)
Diop, I., Carbone, M., Ordas, S., Linge, Y., Liardet, P.Y., Maurine, P.: Collision for estimating SCA measurement quality and related applications. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 143–157. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31271-2_9
Fan, J., Verbauwhede, I.: An updated survey on secure ECC implementations: attacks, countermeasures and cost. In: Naccache, D. (ed.) Cryptography and Security: From Theory to Applications. LNCS, vol. 6805, pp. 265–282. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28368-0_18
Faz-Hernández, A., Longa, P., Sánchez, A.H.: Efficient and secure algorithms for GLV-Based scalar multiplication and their implementation on GLV-GLS curves. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 1–27. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-04852-9_1
FIPS 186: Digital signature standard. In: Federal Information Processing Standards Publication 186, U.S. Department of commerce (1994)
Fouque, P.-A., Valette, F.: The doubling attack – why upwards is better than downwards. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 269–280. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45238-6_22
Genkin, D., Pachmanov, L., Pipman, I., Tromer, E., Yarom, Y.: ECDSA key extraction from mobile devices via nonintrusive physical side channels. In: ACM-CCS 2016 (2016). ISBN 978-1-4503-4139-4/16/10
Hankerson, D., Menezes, A., Vanstone, S.: Guide to Elliptic Curve Cryptography. Springer, New York (2003). https://doi.org/10.1007/b97644. ISBN 0-387-95273-X
Hanley, N., Kim, H.S., Tunstall, M.: Exploiting collisions in addition chain-based exponentiation algorithms using a single trace. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 431–448. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16715-2_23
Heyszl, J., Mangard, S., Heinz, B., Stumpf, F., Sigl, G.: Localized electromagnetic analysis of cryptographic implementations. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 231–244. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27954-6_15
Heyszl, J., Ibing, A., Mangard, S., De Santis, F., Sigl, G.: Clustering algorithms for non-profiled single-execution attacks on exponentiations. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 79–93. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-08302-5_6
Homma, N., Miyamoto, A., Aoki, T., Satoh, A.: Comparative power analysis of modular exponentiation algorithms. IEEE Trans. Comput. 59(6), 795–807 (2010)
Järvinen, K., Balasch, J.: Single-trace side-channel attacks on scalar multiplications with precomputations. In: Lemke-Rust, K., Tunstall, M. (eds.) CARDIS 2016. LNCS, vol. 10146, pp. 137–155. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54669-8_9
Joye, M., Yen, S.-M.: The montgomery powering ladder. In: Kaliski, B.S., Koç, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 291–302. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36400-5_22
Karame, G., Androulaki, E.: Bitcoin and Blockchain Security. Artech House, Norwood (2016)
Kenworthy, G., Rohatgi, P.: Mobile device security: the case for side channel resistance. In: Cryptography Research Inc. (2012)
Kim, H.-S., Kim, T.-H., Yoon, J.-C., Hong, S.-H.: Practical second-order correlation power analysis on the message blinding method and its novel countermeasure for RSA. ETRI J. 32(1), 102–111 (2010)
Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48(177), 203–209 (1987)
Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9
Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
Lindemann, R.: FIDO ECDAA Algorithm. In: FIDO Alliance Implementation Draft 2 (2017). https://fidoalliance.org/specs/fido-uaf-v1.1-id-20170202/fido-ecdaa-algorithm-v1.1-id-20170202.html
Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). https://doi.org/10.1007/3-540-39799-X_31
Möller, B.: Securing elliptic curve point multiplication against side-channel attacks. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 324–334. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45439-X_22
Okeya, K., Sakurai, K.: A second-order DPA attack breaks a window-method based countermeasure against side channel attacks. In: Chan, A.H., Gligor, V. (eds.) ISC 2002. LNCS, vol. 2433, pp. 389–401. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45811-5_30
Okeya, K., Takagi, T.: The width-w NAF method provides small memory and fast elliptic scalar multiplications secure against side channel attacks. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 328–343. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-36563-X_23
Perin, G., Imbert, L., Torres, L., Maurine, P.: Attacking randomized exponentiations using unsupervised learning. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 144–160. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-10175-0_11
Perin, G., Chmielewski, Ł.: A semi-parametric approach for side-channel attacks on protected RSA implementations. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 34–53. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-31271-2_3
van de Pol, J., Smart, N.P., Yarom, Y.: Just a little bit more. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 3–21. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-16715-2_1
Rivest, R., Shamir, A., Adelman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Specht, R., Heyszl, J., Kleinsteuber, M., Sigl, G.: Improving non-profiled attacks on exponentiations based on clustering and extracting leakage from multi-channel high-resolution EM measurements. In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2014. LNCS, vol. 9064, pp. 3–19. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21476-4_1
Sugawara, T., Suzuki, D., Saeki, M.: Internal collision attack on RSA under closed EM measurement. In: SCIS 2014 (2014)
Sugawara, T., Suzuki, D., Saeki, M.: Two operands of multipliers in side-channel attack. In: Mangard, S., Poschmann, A.Y. (eds.) COSADE 2014. LNCS, vol. 9064, pp. 64–78. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21476-4_5
Sim, B.-Y., Han, D.-G.: Key bit-dependent attack on protected PKC using a single trace. In: Liu, J.K., Samarati, P. (eds.) ISPEC 2017. LNCS, vol. 10701, pp. 168–185. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-72359-4_10
Walter, C.D.: Sliding windows succumbs to big Mac attack. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 286–299. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44709-1_24
Acknowledgments
This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No.2017-0-00520, Development of SCR-Friendly Symmetric Key Cryptosystem and Its Application Modes).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Sim, BY., Choi, K.Y., Moon, D., Yoon, H.J., Cho, J., Han, DG. (2018). T_SM: Elliptic Curve Scalar Multiplication Algorithm Secure Against Single-Trace Attacks. In: Su, C., Kikuchi, H. (eds) Information Security Practice and Experience. ISPEC 2018. Lecture Notes in Computer Science(), vol 11125. Springer, Cham. https://doi.org/10.1007/978-3-319-99807-7_25
Download citation
DOI: https://doi.org/10.1007/978-3-319-99807-7_25
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99806-0
Online ISBN: 978-3-319-99807-7
eBook Packages: Computer ScienceComputer Science (R0)