Improved Side Channel Attacks on Pairing Based Cryptography

  • Johannes Blömer
  • Peter Günther
  • Gennadij Liske
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7864)


Several known invasive and non-invasive attacks against pairing algorithms only work if the second argument of the pairing is the secret, but not if the first is. In this paper we extend some of these attacks to the case where the first argument is the secret. Hence we conclude that positioning the secret as the first argument of the pairing does not necessarily improve the security against side channel attacks (SCAs), as has sometimes been suggested.





Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Johannes Blömer (1)
  • Peter Günther (1)
  • Gennadij Liske (1)
  1. University of Paderborn, Germany
