
Sign Change Fault Attacks on Elliptic Curve Cryptosystems

  • Conference paper
Fault Diagnosis and Tolerance in Cryptography (FDTC 2006)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 4236)

Abstract

We present a new type of fault attack on elliptic curve scalar multiplication: Sign Change Attacks. These attacks exploit the different number representations (such as signed-digit recodings of the scalar) that modern cryptographic implementations often employ. Previous fault attacks on elliptic curves aimed to force a device to output points lying on a cryptographically weak curve; such attacks are easily defended against by checking that the output point lies on the original curve. Our attack produces points that never leave the curve, so that check does not detect them. The paper also presents a revised scalar multiplication algorithm that protects against Sign Change Attacks.
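The following is an added illustration of the effect described in the abstract; it is not code from the paper and does not reproduce the paper's attack or its revised algorithm. It assumes secp256k1 (a curve of prime order N, chosen here so that no intermediate point can coincidentally vanish), a left-to-right scalar multiplication over the non-adjacent form (NAF) of the scalar, and a fault model in which the sign of one NAF digit d_i is flipped. The faulty output is then (k - 2*d_i*2^i)*P, a legitimate point on the curve, so the usual on-curve check passes. If the attacker knows the correct result (for example the public key k*G when the device multiplies a fixed private key), the difference k*P - k'*P = d_i*2^(i+1)*P reveals the position and sign of the flipped digit. The `checked_scalar_mult` countermeasure (recompute with an independent method and compare) is a generic redundancy check used here only for contrast; it is not the countermeasure the paper proposes.

```python
# Sign-change fault on NAF scalar multiplication (added illustration; not the
# paper's code).  Curve: secp256k1, prime group order N.
P_MOD = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
A, B = 0, 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
O = None  # point at infinity


def is_on_curve(pt):
    """The classic check against weak-curve fault attacks."""
    if pt is O:
        return True
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P_MOD == 0


def neg(pt):
    return O if pt is O else (pt[0], (-pt[1]) % P_MOD)


def add(p1, p2):
    """Affine point addition / doubling on y^2 = x^3 + A*x + B over F_p."""
    if p1 is O:
        return p2
    if p2 is O:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P_MOD == 0:
            return O  # p2 == -p1
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)


def naf(k):
    """Non-adjacent form of k, least significant digit first, digits in {-1, 0, 1}."""
    digits = []
    while k > 0:
        d = 2 - (k & 3) if k & 1 else 0  # odd: +1 if k = 1 mod 4, -1 if k = 3 mod 4
        digits.append(d)
        k = (k - d) >> 1
    return digits


def scalar_mult(k, pt, fault_digit=None):
    """Left-to-right signed-digit scalar multiplication k*pt.

    fault_digit=i injects a sign-change fault: the sign of NAF digit i is
    flipped, so the device adds -d_i*pt instead of d_i*pt.  Every intermediate
    value is still a group element, so the faulty output lies on the curve."""
    digits = naf(k)
    q = O
    for i in range(len(digits) - 1, -1, -1):
        q = add(q, q)
        d = -digits[i] if i == fault_digit else digits[i]
        if d == 1:
            q = add(q, pt)
        elif d == -1:
            q = add(q, neg(pt))
    return q


def recover_flipped_digit(correct, faulty, pt, max_digits=257):
    """Attacker's view: k*pt - k'*pt = 2*d_i*2^i*pt, so comparing the difference
    against +-2^(i+1)*pt for each i reveals the position and sign of digit i."""
    diff = add(correct, neg(faulty))
    if diff is O:
        return None  # fault hit a zero digit (or no fault): nothing to learn
    t = add(pt, pt)  # 2^(i+1) * pt, starting at i = 0
    for i in range(max_digits):
        if diff == t:
            return (i, 1)
        if diff == neg(t):
            return (i, -1)
        t = add(t, t)
    return None


def checked_scalar_mult(k, pt, fault_digit=None):
    """Generic countermeasure (not the paper's revised algorithm): recompute
    with a plain binary double-and-add and withhold the output on mismatch.
    An on-curve check alone would pass the faulty point."""
    q = scalar_mult(k, pt, fault_digit)
    r = O
    for bit in bin(k)[2:]:
        r = add(r, r)
        if bit == "1":
            r = add(r, pt)
    return q if q == r else None
```

Running `scalar_mult(k, G, fault_digit=i)` for any nonzero NAF digit i gives a point for which `is_on_curve` returns True yet which differs from `scalar_mult(k, G)`; `recover_flipped_digit` then returns `(i, d_i)`. The redundancy check in `checked_scalar_mult` detects this particular single fault but is itself only as strong as the assumption that the two computations cannot both be faulted consistently.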




Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Blömer, J., Otto, M., Seifert, J.-P. (2006). Sign Change Fault Attacks on Elliptic Curve Cryptosystems. In: Breveglieri, L., Koren, I., Naccache, D., Seifert, J.-P. (eds) Fault Diagnosis and Tolerance in Cryptography. FDTC 2006. Lecture Notes in Computer Science, vol 4236. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11889700_4


  • DOI: https://doi.org/10.1007/11889700_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-46250-7

  • Online ISBN: 978-3-540-46251-4

