Randomizing the Montgomery Multiplication to Repel Template Attacks on Multiplicative Masking


For a long time multiplicative masking together with highly regular exponentiation algorithms was believed to thwart all side-channel based threats. Recent research results showed that the multiplicative masking itself can be attacked in order to recover the used masks. In this paper we propose a countermeasure which closes this security gap. The basic idea… (More)


3 Figures and Tables

Slides referencing similar topics