# Binary Edwards Curves for Intrinsically Secure ECC Implementations for the IoT

@inproceedings{Loiseau2018BinaryEC, title={Binary Edwards Curves for Intrinsically Secure ECC Implementations for the IoT}, author={Antoine Loiseau and Jacques J. A. Fournier}, booktitle={ICETE}, year={2018} }

: Even if recent advances in public key cryptography tend to focus on algorithms able to survive the post quantum era. At present, there is a urgent need to propose fast, low power and securely implemented cryptography to address the immediate security challenges of the IoT. In this document, we present a new set of Binary Edwards Curves which have been deﬁned to achieve the highest security levels (up to 284-bit security level) and whose parameters have been deﬁned to ﬁt IoT devices embedding…

## 4 Citations

### Hardware Implementation of Secure scalar multiplication Algorithm

- Computer Science, Mathematics2022 IEEE 9th International Conference on Sciences of Electronics, Technologies of Information and Telecommunications (SETIT)
- 2022

This paper will first specify the elliptic curve parameters that are responsible for the optimization of the implementation of the scalar multiplication algorithm, then it will choose the most secure scalarmultiplication algorithm to be implemented for security applications.

### A Survey on RISC-V Security: Hardware and Architecture

- Computer ScienceArXiv
- 2021

An in-depth survey on RISC-V security technologies covers hardware and physical access security, hardware-assisted security units, ISA security extensions, memory protection, cryptographic primitives, and side-channel attack protection.

### Survey: Vulnerability Analysis of Low-Cost ECC-Based RFID Protocols against Wireless and Side-Channel Attacks

- Computer ScienceSensors
- 2021

This paper first reviews the most relevant ECC-based RFID authentication protocols, focusing on their security analysis and operational performances, and presents the most promising E CC-based protocols released during 2014–2021 by underlining their advantages and disadvantages.

## References

SHOWING 1-10 OF 48 REFERENCES

### Low-Resource and Fast Binary Edwards Curves Cryptography

- Computer Science, MathematicsINDOCRYPT
- 2015

This paper utilizes corrected mixed point addition and doubling formulas to achieve a secure, but still fast implementation of a point multiplication on binary Edwards curves.

### Efficient implementation of elliptic curve cryptography in wireless sensors

- Computer Science, MathematicsAdv. Math. Commun.
- 2010

The results strongly indicate that binary curves are the most efficient alternative for the implementation of elliptic curve cryptography in the MICAz Mote, a popular sensor platform.

### Using Templates to Attack Masked Montgomery Ladder Implementations of Modular Exponentiation

- Computer Science, MathematicsWISA
- 2008

This article shows how template attacks can be used to extract sufficient information to recover the mask and confirms that the described attack could be a serious threat for public key algorithms implemented on devices with small word size.

### State-of-the-art of secure ECC implementations: a survey on known side-channel attacks and countermeasures

- Computer Science, Mathematics2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST)
- 2010

This paper can be used as a road map for countermeasure selection in a first design iteration of Elliptic Curve Cryptosystems and three principles of selecting countermeasures to thwart multiple attacks are given.

### The Carry Leakage on the Randomized Exponent Countermeasure

- Mathematics, Computer ScienceCHES
- 2008

It is shown that even though the binary exponentiation, or the scalar product on elliptic curves implementation, does not leak information on the secret key, the computation of the randomized secret exponent, or scalar, can leak useful information for an attacker.

### Zero-Value Point Attacks on Elliptic Curve Cryptosystem

- Computer Science, MathematicsISC
- 2003

The zero-value point attack is proposed as an extension of Goubin’s attack and it is noted that this attack and the proposed attack assume that the base point P can be chosen by the attacker and the secret scalar d is fixed, so that they are not applicable to ECDSA signature generation.

### Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems

- Computer Science, MathematicsCRYPTO
- 1996

By carefully measuring the amount of time required tm perform private key operalions, attackers may be able to find fixed Diffie-Hellman exponents, factor RSA keys, and break other cryptosystems.…

### Fault Attack on Elliptic Curve Montgomery Ladder Implementation

- Computer Science, Mathematics2008 5th Workshop on Fault Diagnosis and Tolerance in Cryptography
- 2008

It is shown how, with few faults, one can retrieve the full secret exponent even if classical countermeasures are employed to prevent fault attacks on elliptic curve scalar product algorithms.

### Complete Addition Formulas for Prime Order Elliptic Curves

- Mathematics, Computer ScienceEUROCRYPT
- 2016

This paper presents optimized addition formulas that are complete on every prime order short Weierstrass curve defined over a field k with $$\mathrm{char}k \ne 2,3$$charki¾?2,3 and discusses how these formulas can be used to achieve secure, exception-free implementations on all of the prime order curves in the NIST and many other standards.

### Horizontal Correlation Analysis on Exponentiation

- Computer Science, MathematicsICICS
- 2010

A technique in which a single exponentiation curve is applied using only one execution power curve during an exponentiation to recover the whole secret exponent manipulated by the chip, which cannot be prevented by exponent blinding.