
For FullText PDF, please login, if you are a member of IEICE,
or go to Pay Per View on menu list, if you are a nonmember of IEICE.

Secure Elliptic Curve Exponentiation against RPA, ZRA, DPA, and SPA
Hideyo MAMIYA Atsuko MIYAJI Hiroaki MORIMOTO
Publication
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Vol.E89A
No.8
pp.22072215 Publication Date: 2006/08/01 Online ISSN: 17451337
DOI: 10.1093/ietfec/e89a.8.2207 Print ISSN: 09168508 Type of Manuscript: PAPER Category: Information Security Keyword: elliptic curve exponentiation, ZPA, RPA, DPA, SPA,
Full Text: PDF>>
Summary:
In the execution on a smart card, side channel attacks such as the simple power analysis (SPA) and the differential power analysis (DPA) have become serious threat. Side channel attacks monitor the side channel information such as power consumption and even exploit the leakage information related to power consumption to reveal bits of a secret key d although d is hidden inside a smart card. Almost public key cryptosystems including RSA, DLPbased cryptosystems, and elliptic curve cryptosystems execute an exponentiation algorithm with a secretkey exponent, and they thus suffer from both SPA and DPA. In the case of elliptic curve cryptosystems, DPA is improved to the refined power analysis (RPA), which exploits a special point with a zero value and reveals a secret key. RPA is further generalized to zerovalue register attack (ZRA). Both RPA and ZRA utilize a special feature of elliptic curves that happens to have a special point or a register used in addition and doubling formulae with a zero value and that the power consumption of 0 is distinguishable from that of a nonzero element. To make the matters worse, some previous efficient countermeasures to DPA are neither resistant to RPA nor ZRA. This paper focuses on elegant countermeasures of elliptic curve exponentiations against RPA, ZRA, DPA and SPA. Our novel countermeasure is easily generalized to be more efficient algorithm with a precomputed table.

