Modified Power-Analysis Attacks on XTR and an Efficient Countermeasure

  • Dong-Guk Han
  • Tetsuya Izu
  • Jongin Lim
  • Kouichi Sakurai
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3269)


In [HLS04a], Han et al. presented a nice overview of some side channel attacks (SCA) and some classical countermeasures. However, their proposed countermeasures against SCA are so inefficient that XTR with SCA countermeasures is at least 129 times slower than XTR without them. Thus they left the construction of efficient countermeasures against SCA as an open question. In this paper, we show that XTR can also be attacked by the modified refined power analysis (MRPA) and the modified zero-value attack (MZVA). To show the validity of MRPA and MZVA on XTR, we give some numerical data for them.

We propose a novel efficient countermeasure (XTR-RSE) against “SCAs”: SPA, Data-bit DPA, Address-bit DPA, Doubling attack, MRPA, and MZVA. We show that XTR-RSE by itself, without other countermeasures, is secure against all “SCAs”. From our implementation results, if we compare XTR with ECC with countermeasures against “SCAs”, we think XTR is as suitable for smart cards as ECC due to the efficiency of the proposed XTR-RSE.


Keywords: XTR public key system, Refined Power Analysis, zero-value attack, the efficient countermeasure




  1. [Ava03]
    Avanzi, R.M.: Countermeasures against Differential Power Analysis for Hyperelliptic Curve Cryptosystems. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 366–381. Springer, Heidelberg (2003)
  2. [AT03]
    Akishita, T., Takagi, T.: Zero-Value Point Attacks on Elliptic Curve Cryptosystem. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 218–233. Springer, Heidelberg (2003)
  3. [Cor99]
    Coron, J.S.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)
  4. [CJ01]
    Clavier, C., Joye, M.: Universal Exponentiation Algorithm: A First Step towards Provable SPA-Resistance. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 300–308. Springer, Heidelberg (2001)
  5. [CMO98]
    Cohen, H., Miyaji, A., Ono, T.: Efficient Elliptic Curve Exponentiation Using Mixed Coordinates. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 51–65. Springer, Heidelberg (1998)
  6. [FV03]
    Fouque, P.-A., Valette, F.: The Doubling Attack: Why Upwards is better than Downwards. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 269–280. Springer, Heidelberg (2003)
  7. [Gou03]
    Goubin, L.: A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 199–210. Springer, Heidelberg (2002)
  8. [GPS04]
    Granger, R., Page, D., Stam, M.: A Comparison of CEILIDH and XTR. In: Buell, D.A. (ed.) ANTS 2004. LNCS, vol. 3076, pp. 235–249. Springer, Heidelberg (2004)
  9. [HLS04a]
    Han, D.-G., Lim, J., Sakurai, K.: On security of XTR public key cryptosystems against Side Channel Attacks. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 454–465. Springer, Heidelberg (2004)
  10. [HLS04b]
    Han, D.-G., Lim, J., Sakurai, K.: On security of XTR public key cryptosystems against Side Channel Attacks, International Association for Cryptologic Research (IACR), Cryptology ePrint Archive 2004/123 (2004),
  11. [IIT02]
    Itoh, K., Izu, T., Takenaka, M.: Address-bit Differential Power Analysis of Cryptographic Schemes OK-ECDH and OK-ECDSA. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 129–143. Springer, Heidelberg (2003)
  12. [IIT03]
    Itoh, K., Izu, T., Takenaka, M.: A Practical Countermeasure against Address-bit Differential Power Analysis. In: Walter, C.D., Koç, Ç.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 382–396. Springer, Heidelberg (2003)
  13. [LV00]
    Lenstra, A.K., Verheul, E.R.: The XTR public key system. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 1–19. Springer, Heidelberg (2000)
  14. [RS03]
    Rubin, K., Silverberg, A.: Torus-Based Cryptography. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 349–365. Springer, Heidelberg (2003)
  15. [SL01]
    Stam, M., Lenstra, A.K.: Speeding Up XTR. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 125–143. Springer, Heidelberg (2001)

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Dong-Guk Han (1)
  • Tetsuya Izu (2)
  • Jongin Lim (1)
  • Kouichi Sakurai (3)

  1. Center for Information and Security Technologies (CIST), Korea University, Seoul, Korea
  2. FUJITSU LABORATORIES Ltd, Kawasaki, Japan
  3. Department of Computer Science and Communication Engineering, Fukuoka, Japan
