Defeating Simple Power Analysis on Koblitz Curves

@article{Vuillaume2006DefeatingSP,
  title={Defeating Simple Power Analysis on Koblitz Curves},
  author={Camille Vuillaume and Katsuyuki Okeya and Tsuyoshi Takagi},
  journal={IEICE Trans. Fundam. Electron. Commun. Comput. Sci.},
  year={2006},
  volume={89-A},
  pages={1362-1369}
}
Koblitz curves belong to a special class of binary curves on which the scalar multiplication can be computed very efficiently. For this reason, they are suitable candidates for implementations on low-end processors. However, such devices are often vulnerable to side channel attacks. In this paper, we propose a new countermeasure against side channel attacks on Koblitz curves, which utilizes a fixed-pattern recoding to defeat simple power analysis. We show that in practical cases, the recoding… 
5 Citations

Coprocessor for Koblitz Curves
Koblitz curves [20] are a special class of elliptic-curves which enable very efficient point multiplications and, therefore, they are attractive for hardware and software implementations. However,
New Countermeasures against Power Analysis Attacks for Koblitz Curve Cryptosystems
TLDR
This work proposes countermeasures against power analysis attacks for elliptic curve cryptosystems based on Koblitz curves (KCs), which are a special class of elliptic curves, and makes the countermeasures secure against SPA, DPA, and new DPA attacks, especially RPA and ZPA, using a random point at each execution of elliptic curve scalar multiplication.
A New Approach for Implementing the MPL Method toward Higher SPA Resistance
TLDR
It is shown that a naïve implementation of the MPL method is vulnerable to SPA attacks by observing the power consumption of the controller block of the RSA hardware, and a new hardware architecture for RSA using the MPL method is proposed to enhance SPA resistance.
Arithmetic of τ-adic expansions for lightweight Koblitz curve cryptography
TLDR
A new representation allowing more efficient and secure computations compared to the algorithms available in the preliminary version of this work from CARDIS 2014 is introduced and several algorithms for performing arithmetic operations in the τ-adic domain are provided.
Pre-Computation Scheme of Window τNAF for Koblitz Curves Revisited
TLDR
This work focuses on the pre-computation part of scalar multiplication of Koblitz curves, and introduces μτ̄ operations where μ = (−1)^{1−a} and τ̄ is the complex conjugate of τ.

References

Efficient Representations on Koblitz Curves with Resistance to Side Channel Attacks
TLDR
Two countermeasures against side channel attacks on Koblitz curves are proposed, which utilize a fixed-pattern recoding to defeat simple power analysis and the scalar is recoded from left to right.
Power Analysis Attacks and Algorithmic Approaches to Their Countermeasures for Koblitz Curve Cryptosystems
  • M. Hasan
  • Mathematics, Computer Science
    IEEE Trans. Computers
  • 2001
TLDR
In this article, power analysis attacks are applied to cryptosystems that use scalar multiplication on Koblitz curves and a number of countermeasures are suggested.
Low-cost solutions for preventing simple side-channel analysis: side-channel atomicity
TLDR
This work presents several novel exponentiation algorithms, namely, a protected square-and-multiply algorithm, its right-to-left counterpart, and several protected sliding-window algorithms, which share the common feature that the complexity is globally unchanged compared to the corresponding unprotected implementations.
Fast Scalar Multiplication Method Using Change-of-Basis Matrix to Prevent Power Analysis Attacks on Koblitz Curves
TLDR
This work proposes a fast scalar multiplication method using a change-of-basis matrix to prevent power analysis attacks on Koblitz curves and introduces randomness with negligible overhead for DPA prevention.
Efficient Arithmetic on Koblitz Curves
  • J. Solinas
  • Computer Science, Mathematics
    Des. Codes Cryptogr.
  • 2000
TLDR
An improved version of the Koblitz algorithm, which runs 50 times faster than any previous version, is given, based on a new kind of representation of an integer, analogous to certain kinds of binary expansions.
Fast Generation of Pairs (k, [k]P) for Koblitz Elliptic Curves
TLDR
The presented algorithm combines normal and polynomial basis operations to achieve optimal performance and it is proved that a probabilistic signature scheme using the generator remains secure against chosen message attacks.
Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems
  • J. Coron
  • Computer Science, Mathematics
    CHES
  • 1999
TLDR
This paper generalizes the DPA attack to elliptic curve (EC) cryptosystems and describes a DPA on EC Diffie-Hellman key exchange and EC El-Gamal type encryption that enables recovery of the private key stored inside the smart-card.
Short-Memory Scalar Multiplication for Koblitz Curves
TLDR
The new method is as fast as the fastest known techniques on Koblitz curves but requires much less memory; therefore, it is of particular interest for environments with low resources.
Efficient Countermeasures against RPA, DPA, and SPA
TLDR
A novel countermeasure resistant against RPA, ZPA, SPA and DPA without any pre-computed table is shown and is generalized to present a more efficient algorithm with a pre-computed table.
CM-Curves with Good Cryptographic Properties
Our purpose is to describe elliptic curves with complex multiplication which in characteristic 2 have the following useful properties for constructing Diffie-Hellman type cryptosystems: (1) they are