Mathieu Ciet

Learn More
Abstract. This paper introduces simple methods to convert a cryptographic algorithm into an algorithm protected against simple sidechannel attacks. Contrary to previously known solutions, the proposed techniques are not at the expense of the execution time. Moreover, they are generic and apply to virtually any algorithm. In particular, we present several(More)
Randomization techniques play an important role in the protection of cryptosystems against implementation attacks. This paper studies the case of elliptic curve cryptography and propose three novel randomization methods, for the elliptic curve point multiplication, which do not impact the overall performance. Our first method, dedicated to elliptic curves(More)
Elliptic curve cryptosystems in the presence of faults were studied by Biehl, Meyer and Müller (2000). The first fault model they consider requires that the input point P in the computation of dP is chosen by the adversary. Their second and third fault models only require the knowledge of P . But these two latter models are less ‘practical’ in the sense(More)
Recently, Eisenträger et al. proposed a very elegant method for speeding up scalar multiplication on elliptic curves. Their method relies on improved formulas for evaluating S = (2P + Q) from given points P and Q on an elliptic curve. Compared to the naive approach, the improved formulas save a field multiplication each time the operation is performed. This(More)
It is well known that a malicious adversary can try to retrieve secret information by inducing a fault during cryptographic operations. Following the work of Seifert on fault inductions during RSA signature verification, we consider in this paper the signature counterpart. Our article introduces the first fault attack applied on RSA in standard mode. By(More)
In most algorithms involving elliptic curves, the most expensive part consists in computing multiples of points. This paper investigates how to extend the τ -adic expansion from Koblitz curves to a larger class of curves defined over a prime field having an efficiently-computable endomorphism φ in order to perform an efficient point multiplication with(More)
In this paper, we present a new parallel architecture to avoid side-channel analysis such as: Timing attack, simple/differential power analysis, fault induction attack and simple/differential electromagnetic analysis. We use a Montgomery Multiplication based on Residue Number Systems. Thanks to RNS, we develop a design able to perform an RSA in parallel on(More)
Let E be an elliptic curve defined over F2n . The inverse operation of point doubling, called point halving, can be done up to three times as fast as doubling. Some authors have therefore proposed to perform a scalar multiplication by an “halve-and-add” algorithm, which is faster than the classical double-and-add method. If the coefficients of the equation(More)
In 1999 Silverman [21] introduced a family of binary finite fields which are composite extensions of F2 and on which arithmetic operations can be performed more quickly than on prime extensions of F2 of the same size. We present here a fast approach to elliptic curve cryptography using a distinguished subset of the set of Silverman fields F2N = Fhn . This(More)
In this report, we study the adaptation of existing attacks on short private exponent on fast variants of the well-known RSA public-key cryptosystem, namely the RSA Multiprime and the Takagi family cryptosystems. The first one consists in a variant whose modulus is made up with strictly more than two primes, which permits to quickly decipher or sign using(More)