State-of-the-art of secure ECC implementations: a survey on known side-channel attacks and countermeasures

Fan, Junfeng; Guo, Xu; Mulder, Elke De; Schaumont, Patrick; Preneel, Bart; Verbauwhede, Ingrid

doi:10.1109/hst.2010.5513110

Cited by 124 publications

(74 citation statements)

References 37 publications

(62 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Traditional power attack methods consist of Simple Power Attack (SPA), Differential Power Attack (DPA) and Template Attack (TA) [4]. SPA just needs one power trace.…”

Section: Side Channel Analysismentioning

confidence: 99%

See 1 more Smart Citation

A high-performance elliptic curve cryptographic coprocessor with side channel analysis countermeasures for smart IC card

Han

Wang

et al. 2015

IEICE Electron. Express

View full text Add to dashboard Cite

This paper presents a design of an elliptic curve coprocessor over GF( p) with side-channel analysis countermeasures and fast implementation schemes, which can be used for all elliptic curve cryptographic algorithms, such as ECC and SM2. The proposed coprocessor can resist side channel analysis and is implemented basing on the C*Core-C0 platform. Using SMIC 0.13-µm CMOS technology, synthesis results show that our coprocessor can perform one 256-bit elliptic curve scalar multiplication over the prime field in 8.35 ms at 50 MHz with only 1.98 mW and 17.7K gates. The proposed coprocessor outperforms other coprocessors in terms of the overall performance of area, power, speed and security, which is quite suitable for smart IC card.

show abstract

“…Traditional power attack methods consist of Simple Power Attack (SPA), Differential Power Attack (DPA) and Template Attack (TA) [4]. SPA just needs one power trace.…”

Section: Side Channel Analysismentioning

confidence: 99%

“…Side channel analysis mainly includes power attack, fault attack (FA) and electromagnetic attack (EMA) [4], among which power attack is the most important. Power attack can derive the secret key utilizing power leakages of cryptosystems.…”

Section: Side Channel Analysismentioning

confidence: 99%

A high-performance elliptic curve cryptographic coprocessor with side channel analysis countermeasures for smart IC card

Han

Wang

et al. 2015

IEICE Electron. Express

View full text Add to dashboard Cite

show abstract

“…Regarding DPA attacks, countermeasures are based on randomization during the SM process [11] [10] as adopted in Algorithm 1 (base point blinding, Coron second countermeasure). As long as point operations in SM rounds remain fully balanced (same point operations number per round, same point operations execution order per round for all rounds) and the random point R is not a weak mask (i.e.…”

Section: A Power Analysis Attack Resistancementioning

confidence: 99%

“…Scalar multiplication (SM), the main mathematical operation behind Elliptic Curve Cryptography (ECC) is the target of a broad range of possible PAs and FAs on ECC [11] [15] of both horizontal and vertical nature [7]. RNS is an arithmetic representation that is advantageous when it comes to parallel arithmetic calculations and has considerable potentials as an PA/FA countermeasure [2] [4] [19] [16].…”

Section: Introductionmentioning

confidence: 99%

Residue Number System as a side channel and fault injection attack countermeasure in elliptic curve cryptography

Fournaris

Papachristodoulou

Batina

et al. 2016

2016 International Conference on Design and Technology of Integrated Systems in Nanoscale Era (DTIS)

View full text Add to dashboard Cite

Abstract-Implementation attacks and more specifically Power Analysis (PA) (the dominant type of side channel attack) and fault injection (FA) attacks constitute a pragmatic hazard for scalar multiplication, the main operation behind Elliptic Curve Cryptography. There exists a wide variety of countermeasures attempting to thwart such attacks that, however, few of them explore the potential of alternative number systems like the Residue Number System (RNS). In this paper, we explore the potential of RNS as an PA-FA countermeasure and propose an PA-FA resistant scalar multiplication algorithm and provide an extensive security analysis against the most effective PA-FA techniques. We argue through a security analysis that combining traditional PA-FA countermeasures with lightweight RNS countermeasures can provide strong PA-FA resistance.

show abstract

“…Side-channel attacks on ECC have gained significant amounts of research interest [17,18]. We focus on passive attacks where an attacker only observes a cryptographic device under its normal operation.…”

Section: Introductionmentioning

confidence: 99%

Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations

Järvinen

Balasch

2017

Smart Card Research and Advanced Applications

View full text Add to dashboard Cite

Abstract. Single-trace side-channel attacks are a serious threat to elliptic curve cryptography in practice because they can break also cryptosystems where scalars are nonces (e.g., ECDSA). Previously it was believed that single-trace attacks can be avoided by using scalar multiplication algorithms with regular patterns of operations but recently we have learned that they can be broken with correlation tests to decide whether different operations share common operands. In this work, we extend these attacks to scalar multiplication algorithms with precomputations. We show that many algorithms are vulnerable to our attack which correlates measurements with precomputed values. We also show that successful attacks are possible even without knowledge of precomputed values by using clustering instead of correlations. We provide extensive evidence for the feasibility of the attacks with simulations and experiments with an 8-bit AVR. Finally, we discuss the effectiveness of certain countermeasures against our attacks.

show abstract

State-of-the-art of secure ECC implementations: a survey on known side-channel attacks and countermeasures

Cited by 124 publications

References 37 publications

A high-performance elliptic curve cryptographic coprocessor with side channel analysis countermeasures for smart IC card

A high-performance elliptic curve cryptographic coprocessor with side channel analysis countermeasures for smart IC card

Residue Number System as a side channel and fault injection attack countermeasure in elliptic curve cryptography

Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations

Contact Info

Product

Resources

About