Binary Edwards Curves for Intrinsically Secure ECC Implementations for the IoT

@inproceedings{Loiseau2018BinaryEC,
  title={Binary Edwards Curves for Intrinsically Secure ECC Implementations for the IoT},
  author={Antoine Loiseau and Jacques J. A. Fournier},
  booktitle={ICETE},
  year={2018}
}
: Even if recent advances in public key cryptography tend to focus on algorithms able to survive the post quantum era. At present, there is a urgent need to propose fast, low power and securely implemented cryptography to address the immediate security challenges of the IoT. In this document, we present a new set of Binary Edwards Curves which have been defined to achieve the highest security levels (up to 284-bit security level) and whose parameters have been defined to fit IoT devices embedding… 

Tables from this paper

Hardware Implementation of Secure scalar multiplication Algorithm

TLDR
This paper will first specify the elliptic curve parameters that are responsible for the optimization of the implementation of the scalar multiplication algorithm, then it will choose the most secure scalarmultiplication algorithm to be implemented for security applications.

A Survey on RISC-V Security: Hardware and Architecture

  • Tao Lu
  • Computer Science
    ArXiv
  • 2021
TLDR
An in-depth survey on RISC-V security technologies covers hardware and physical access security, hardware-assisted security units, ISA security extensions, memory protection, cryptographic primitives, and side-channel attack protection.

Survey: Vulnerability Analysis of Low-Cost ECC-Based RFID Protocols against Wireless and Side-Channel Attacks

TLDR
This paper first reviews the most relevant ECC-based RFID authentication protocols, focusing on their security analysis and operational performances, and presents the most promising E CC-based protocols released during 2014–2021 by underlining their advantages and disadvantages.

References

SHOWING 1-10 OF 48 REFERENCES

Low-Resource and Fast Binary Edwards Curves Cryptography

TLDR
This paper utilizes corrected mixed point addition and doubling formulas to achieve a secure, but still fast implementation of a point multiplication on binary Edwards curves.

Efficient implementation of elliptic curve cryptography in wireless sensors

TLDR
The results strongly indicate that binary curves are the most efficient alternative for the implementation of elliptic curve cryptography in the MICAz Mote, a popular sensor platform.

Using Templates to Attack Masked Montgomery Ladder Implementations of Modular Exponentiation

TLDR
This article shows how template attacks can be used to extract sufficient information to recover the mask and confirms that the described attack could be a serious threat for public key algorithms implemented on devices with small word size.

State-of-the-art of secure ECC implementations: a survey on known side-channel attacks and countermeasures

TLDR
This paper can be used as a road map for countermeasure selection in a first design iteration of Elliptic Curve Cryptosystems and three principles of selecting countermeasures to thwart multiple attacks are given.

The Carry Leakage on the Randomized Exponent Countermeasure

TLDR
It is shown that even though the binary exponentiation, or the scalar product on elliptic curves implementation, does not leak information on the secret key, the computation of the randomized secret exponent, or scalar, can leak useful information for an attacker.

Zero-Value Point Attacks on Elliptic Curve Cryptosystem

TLDR
The zero-value point attack is proposed as an extension of Goubin’s attack and it is noted that this attack and the proposed attack assume that the base point P can be chosen by the attacker and the secret scalar d is fixed, so that they are not applicable to ECDSA signature generation.

Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

  • P. Kocher
  • Computer Science, Mathematics
    CRYPTO
  • 1996
By carefully measuring the amount of time required tm perform private key operalions, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.

Fault Attack on Elliptic Curve Montgomery Ladder Implementation

TLDR
It is shown how, with few faults, one can retrieve the full secret exponent even if classical countermeasures are employed to prevent fault attacks on elliptic curve scalar product algorithms.

Complete Addition Formulas for Prime Order Elliptic Curves

TLDR
This paper presents optimized addition formulas that are complete on every prime order short Weierstrass curve defined over a field k with $$\mathrm{char}k \ne 2,3$$charki¾?2,3 and discusses how these formulas can be used to achieve secure, exception-free implementations on all of the prime order curves in the NIST and many other standards.

Horizontal Correlation Analysis on Exponentiation

TLDR
A technique in which a single exponentiation curve is applied using only one execution power curve during an exponentiation to recover the whole secret exponent manipulated by the chip, which cannot be prevented by exponent blinding.