Learn More
This paper introduces simple methods to convert a cryptographic algorithm into an algorithm protected against simple side-channel attacks. Contrary to previously known solutions, the proposed techniques are not at the expense of the execution time. Moreover, they are generic and apply to virtually any algorithm. In particular, we present several novel(More)
In most algorithms involving elliptic curves, the most expensive part consists in computing multiples of points. This paper investigates how to extend the τ-adic expansion from Koblitz curves to a larger class of curves defined over a prime field having an efficiently-computable endomorphism φ in order to perform an efficient point multiplication with(More)
Elliptic curve cryptosystems in the presence of faults were studied by Biehl, Meyer and Müller (2000). The first fault model they consider requires that the input point P in the computation of dP is chosen by the adversary. Their second and third fault models only require the knowledge of P. But these two latter models are less 'practical' in the sense that(More)
Recently, Eisenträger et al. proposed a very elegant method for speeding up scalar multiplication on elliptic curves. Their method relies on improved formulas for evaluating S = (2P + Q) from given points P and Q on an elliptic curve. Compared to the naive approach, the improved formulas save a field multiplication each time the operation is performed. This(More)
In 1999 Silverman [21] introduced a family of binary finite fields which are composite extensions of F 2 and on which arithmetic operations can be performed more quickly than on prime extensions of F2 of the same size. We present here a fast approach to elliptic curve cryptography using a distinguished subset of the set of Silverman fields F 2 N = F h n.(More)
It is well known that a malicious adversary can try to retrieve secret information by inducing a fault during cryptographic operations. Following the work of Seifert on fault inductions during RSA signature verification, we consider in this paper the signature counterpart. Our article introduces the first fault attack applied on RSA in standard mode. By(More)
In this paper, we present a new parallel architecture to avoid side-channel analyses such as: timing attack, simple/differential power analysis, fault induction attack and simple/differential electromagnetic analysis. We use a Montgomery Multiplication based on Residue Number Systems. Thanks to RNS, we develop a design able to perform an RSA signature in(More)