An Elliptic Curve Isomorphism Method for Resisting Differential Side-channel Analysis

doi:10.3969/j.issn.1006-2475.2017.10.021

Abstract

Abstract: Elliptic curve cryptosystems (ECC) are broadly applied in portable cryptographic devices. ECC provides the highest security strength per bit of any cryptosystem known today. However, such implementations of portable cryptographic devices of ECC are vulnerable to the widely known differential side-channel analysis (DSCA) attacks. Existing solutions reach the goal by increasing the computational costs, which prohibits the application of ECC in computation resource-restricted devices. Based on elliptic curve isomorphism mapping theory, an equal-value exchange model between elliptic curves is proposed, and then a security method that can prevent DSCA attack in ECC is designed, where almost does not increase computational costs of ECC. The accessment of security indicates that our method can resisit DSCA attacks.

Key words: elliptic curve cryptosystems (ECC), differential side-channel analysis (DSCA), simple side-channel analysis (SSCA), side-channel analysis (SCA), isomorphism mapping, point multiplicaiton

WU Ke-ke, GAO Yue-fang, YAN Li-jun. An Elliptic Curve Isomorphism Method for Resisting Differential Side-channel Analysis[J]. Computer and Modernization, 2017, 0(10): 105-110.

References

［1］ Koblitz N. Elliptic curve cryptosystems［J］. Mathematics of Computation, 1987,48(177):203-209.

［2］ Miller V S. Use of elliptic curves in cryptography［C］// Advances in Cryptology-CRYPTO’85. 1985:417-426.〖HJ0.89mm〗

［3］ Knuth D E. The Art of Computer Programming: Seminumerical Algorithms［M］. USA: Addison-Wesley, 1969：461-465.

［4］ Kocher P C. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems［C］// Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology. 1996:104-113.

［5］ Quisquater J J, Samyde D. Simple electromagnetic analysis for smart cards: New results［C］// Rump Session Talk at Cyrpto. 2000.

［6］ Wu Keke, Li Huiyun, Chen Tingding, et al. Simple power analysis on elliptic curve cryptosystems and countermeasures: Practical work［C］// The 2nd International Symposium on Electronic Commerce and Security(ISECS 2009). 2009:21-24.

［7］ Montgomery P L. Speeding the pollard and elliptic curve methods of factorizations［J］. Mathematics of Computation, 1987,48(177):243-264.

［8］ Coron J S. Resistance against differential power analysis for elliptic curve cryptosystems［C］// Proceedings of the 1st International Workshop on Cryptographic Hardware and Embedded Systems. 1999:292-302.

［9］ Brier E, Joye M. Weierstrass elliptic curves and side-channel attacks［C］// Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems. 2002:335-345.

［10］ Joye M, Quisquater J J. Hessian elliptic curves and side-channel attacks［C］// International Workshop on Cryptographic Hardware and Embedded Systems. 2001: 402-410. 

［11］Billet O, Joye M. The Jacobi model of an elliptic curve and side-channel analysis［C］// International Symposium on Applied Algebra, Algebraic Algorithms and Error-Correcting Codes. 2003:34-42.

［12］Chevallier-Mames B, Ciet M, Joye M. Low-cost solutions for preventing simple side-channel analysis: Side-channel atomicity［J］. IEEE Transactions on Computers, 2004,53(6):760-768.

［13］Wu Keke, Li Huiyun, Zhu Dingju, et al. Efficient solution to secure ECC against side-channel attacks［J］. Chinese Journal of Electronics, 2011,20(3):471-475.

［14］Azarderakhsh R, Karabina K. A new double point multiplication algorithm and its application to binary elliptic curves with endomorphisms［J］. IEEE Transactions on Computers, 2014,63(10):2614-2619.

［15］ Kocher P C, Jaffe J, Jun B. Differential power analysis［C］// Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology. 1999:388-397. 

［16］Coron J S. Resistance against differential power analysis for elliptic curve cryptosystems［C］// Proceedings of the 1st International Workshop on Cryptographic Hardware and Embedded Systems. 1999:292-302.

［17］Messerges T S, Dabbish E A, Sloan R H. Power analysis attacks of modular exponentiation in smartcards［C］// Proceedings of the 1st International Workshop on Cryptographic Hardware and Embedded Systems. 1999:144-157.

［18］Goubin L. A refined power analysis attack on elliptic curve cryptosystems［C］// Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography. 2003:199-210.

［19］Akishita T, Takagi T. Zero-valuepoint attacks on elliptic curve cryptosystem［C］// International Conference on Information Security. 2003:218-233.

［20］Dupuy W, Kunz-Jacques S. Resistance of randomized projective coordinates against power analysis［C］// Proceedings of the 7th International Conference on Cryptographic Hardware and Embedded Systems. 2005:1-14.

［21］Gebotys C H, Ho S, Tiu C C. EM analysis of Rijndael and ECC on a wireless Java-based PDA［C］// International Workshop on Cryptographic Hardware and Embedded Systems. 2005:250-264.

［22］Fan Junfeng, Gierlichs B, Vercauteren F. To infinity and beyond: Combined attack on ECC using points of low order［C］// Proceedings of the 13th International Conference on Cryptographic Hardware and Embedded Systems. 2011:143-159.

［23］Chari S, Jutla C S, Rao J R, et al. Towards sound approaches to counteract power-analysis attacks［C］// Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology. 1999:398-412.

［24］Clavier C, Joye M. Universal exponentiation algorithm: A first step towards provable SPA-resistance［C］// International Workshop on Cryptographic Hardware and Embedded Systems. 2001:300-308.

［25］Trichina E, Bellezza A. Implementation of elliptic curve cryptography with built-in countermeasures against side channel attacks［C］// International Workshop on Cryptographic Hardware and Embedded Systems. 2002:98-113.

［26］Okeya K, Takagi T. The width—w NAF method provides small memory and fast elliptic scalar multiplications secure against side channel attacks［C］// Proceedings of the 2003 RSA Conference on the Cryptographers’ Track. 2003:328-343. 

［27］Okeya K, Sakura K. Power analysis breaks elliptic curve cryptosystems even secure against the timing attack［C］// Proceedings of the 1st International Conference on Progress in Cryptology. 2000:178-l90.

［28］Joye M, Tymen C. Protections against differential analysis for elliptic curve cryptography［C］// Proceedings of the 3rd International Workshop on Cryptographic Hardware and Embedded Systems. 2001:377-390.

［29］Taverne J, Faz-Hernandez A, Aranha D F,et al. Software implementation of binary elliptic curves: Impact of the carry-less multiplier on scalar multiplication［C］// Proceedings of the 13th International Conference on Cryptographic Hardware and Embedded Systems. 2011:108-123.

［30］Lee J W, Chung S C, Chang H C,et al. An efficient countermeasure against correlation power-analysis attacks with randomized montgomery operations for DF-ECC processor［C］// Proceedings of the 14th International Conference on Cryptographic Hardware and Embedded Systems. 2012: 548-564.

［31］Hankerson D, Menezes A, Vanstone S. Guide to Elliptic Curve Cryptography［M］. London: Springer, 2004:76-86.

［32］左孝凌，李为鑑，刘永才. 离散数学［M］. 上海：上海科学技术文献出版社， 1999：212-221.

［33］Mangard S, Oswald E, Popp T.Power Analysis Attacks: Revealing the Secrets of Smart Cards［M］. Berlin: Springer, 2007:223-244.