Ⅰ. Introduction
Since Kocher introduced power analysis attacks against cryptographic devices [1], many countermeasures have been proposed to prevent power analysis attacks based on various hardware and software techniques. Specifically, for implementations of elliptic curve cryptosystems (ECC), several types of countermeasures have been suggested, including the random scalar multiplication algorithm, random blinding of a point, the random projective coordinate algorithm, and approaches using special forms of elliptic curves [2-5]. However, these countermeasures suffer from some disadvantages: they have either a large computational overhead or security weaknesses against new types of power analysis attack, including RPA [6], ZPA [7], and the doubling attack [8].
More recently, two new countermeasures have been proposed to protect against the different types of DPA attacks. First, Smart analyzed RPA and presented two defending methods (randomization of the private key and point blinding) [9]. However, neither of these methods is efficient from the viewpoint of computational load. Second, to prevent various power analysis attacks like DPA, Mamiya et al. proposed a new countermeasure (called BRIP) which uses a random initial point (RIP) [10]. This method, however, is vulnerable to a simple power analysis (SPA) that exploits specially chosen input messages [11]. Moreover, the countermeasure is not suitable for RSA implementation because it requires an inversion computation, and it is almost identical to the countermeasure proposed to prevent fault analysis attacks and power analysis attacks [12]. To solve the above-mentioned problems of the new vulnerability and computational inefficiency, we propose an enhanced countermeasure by developing a new random blinding technique.
Ⅱ. New Proposed Countermeasure
2.1 Proposed Scalar Multiplication Algorithm
The basic idea of the proposed countermeasure is to blind a point using a random point R. We finally compute dP + #E·R instead of dP, where d, P, and #E are the secret key, the input point, and the number of points on the curve, respectively. Now let s = #E − d; then we compute both d(P + R) and sR. The core of the algorithm is the simultaneous scalar multiplication of d(P + R) and sR as described in Fig. 1. By using the random blinding point technique, the intermediate values of the points and registers used in each iteration are randomly changed.
(Fig. 1) Proposed scalar multiplication for ECC
In Fig. 1, to compute d(P + R) and sR simultaneously we applied Shamir's trick. In this case the final result dP is obtained by computing
#(1)
where #E·R is equal to the point O at infinity. Although the proposed idea seems to be a simple analogy of the previously known countermeasure BRIP and exponent splitting, this idea is more secure and efficient than the above two countermeasures.
Even if an attacker inputs special points to attempt an attack using RPA or ZPA, he cannot bypass the proposed countermeasure because the point P is blinded by the random point R, which is changed at each scalar multiplication.
Therefore, this countermeasure can protect against RPA, ZPA, and doubling attacks as well as classical DPA attacks.
Moreover, the proposed countermeasure can be applied to RSA. Notice that it is not necessary to compute the inverse of the random number, which is the RSA equivalent of −R. This design is very useful for speeding up secure RSA implementations. From this point of view, the proposed countermeasure is more efficient and general than Mamiya's countermeasure.
2.2 Low Cost Scalar Multiplication Algorithm
In order to protect against SPA, the instructions performed during a cryptographic algorithm should not depend on the data being processed. However, the proposed algorithm in Fig. 1 performs an addition of the point at infinity when the current bit pair of d and s is 00. This computation might provide a weakness against SPA because it reveals whether the bit pair is 00 or not. Fig. 2 shows that the proposed countermeasure can be applied to the side channel atomic doubling and addition multiplication procedure for ECC [14]. In this algorithm, we assume that the doubling is processed using the same algorithm as the addition, as shown in Fig. 2. Although Step 5.1 in Fig. 2 is either a doubling or an addition according to the current bit values, these operations should be performed using the same elliptic point operation to prevent SPA. Therefore, the elliptic point operation for the side channel atomic multiplication algorithm should be carefully implemented. An efficient algorithm for Step 5.1 in Fig. 2 is proposed by Mames et al. [14].
(Fig. 2) The side channel atomic multiplication algorithm
We can reduce the number of loop iterations to 1.75n operations on average because of the properties of the side channel atomic multiplication algorithm. So we can save 12.5% in computational load compared to Mamiya's one. Although the proposed countermeasure requires an extra register compared to BRIP, this can be accommodated by current hardware techniques.
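As an added example (not code from this letter), the following Python implements the blinded simultaneous scalar multiplication of Fig. 1 (Section 2.1) on a constructed toy curve and counts the group operations of the atomic variant of Section 2.2; the curve y² = x³ + 2x + 3 over F_97, the point P, and the blinding point R are illustrative assumptions, not the letter's values.

```python
# Added example: d(P+R) + sR with s = #E - d, computed with Shamir's trick on a
# constructed toy curve.  Not the letter's own code; curve, P and R are assumed.
import random

MOD, A, B = 97, 2, 3          # constructed toy curve y^2 = x^3 + 2x + 3 over F_97
O = None                      # point at infinity

def ec_add(P1, P2):
    """Affine addition; doubling, O and P + (-P) all go through this one routine."""
    if P1 is O: return P2
    if P2 is O: return P1
    (x1, y1), (x2, y2) = P1, P2
    if x1 == x2 and (y1 + y2) % MOD == 0:
        return O              # also doubling a 2-torsion point (y = 0)
    if P1 == P2:
        lam = (3 * x1 * x1 + A) * pow((2 * y1) % MOD, -1, MOD) % MOD
    else:
        lam = (y2 - y1) * pow((x2 - x1) % MOD, -1, MOD) % MOD
    x3 = (lam * lam - x1 - x2) % MOD
    return (x3, (lam * (x1 - x3) - y1) % MOD)

def curve_points():
    """All affine points plus O, so len() is #E (brute force, toy sizes only)."""
    return [O] + [(x, y) for x in range(MOD) for y in range(MOD)
                  if (y * y - x ** 3 - A * x - B) % MOD == 0]

def blinded_mul(d, P1, R, order):
    """Fig. 1: scan the bits of d and s = #E - d together (Shamir's trick) so
    that d(P+R) + sR = dP + #E*R = dP.  Returns (dP, group operations, n).
    The O-addition for bit pair 00 is skipped, as in the Sec. 2.2 variant."""
    s = order - d
    n = max(d.bit_length(), s.bit_length())
    table = {(0, 0): O, (1, 0): ec_add(P1, R),            # entry = d_i(P+R) + s_i R
             (0, 1): R, (1, 1): ec_add(ec_add(P1, R), R)}
    Q, ops = O, 0
    for i in range(n - 1, -1, -1):
        Q = ec_add(Q, Q); ops += 1                        # doubling via the same routine
        pair = ((d >> i) & 1, (s >> i) & 1)
        if pair != (0, 0):
            Q = ec_add(Q, table[pair]); ops += 1          # addition of the table entry
    return Q, ops, n

def check(d, seed=1):
    """A random blinding point R must give the same dP as the unblinded run (R = O)."""
    pts = curve_points()
    rng = random.Random(seed)                             # constructed P and R
    P1, R = rng.choice(pts[1:]), rng.choice(pts[1:])
    Q, ops, n = blinded_mul(d, P1, R, len(pts))
    return Q == blinded_mul(d, P1, O, len(pts))[0], ops, n
```

With R = O the same loop degenerates to plain double-and-add, which is why it serves as the reference value; the operation count stays between n and 2n, matching the 1.75n average argued in Section 2.2.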
Ⅲ. Security Consideration
Let E be an elliptic curve defined over a field K. E[2] is defined as follows.
#(2)
where K̄ is an algebraic closure of K.
In the new SPA (by exploiting specially chosen input messages), if a 2-torsion point does not exist, then the attack is infeasible and useless. However, since almost all elliptic curves E defined over K = F_{2^m} (in contrast to F_p and F_{p^m}) have an even cofactor, they have a 2-torsion point [15]. So, the new SPA should be considered when implementing a scalar multiplication algorithm secure against power analysis attacks.
Contrary to BRIP, the proposed countermeasure is secure against the new SPA because the basic concept of the proposed one is not O = (1 1̄ 1̄ ... 1̄)_2 R − R, where 1̄ means −1, but O = #E·R. More clearly, as shown in Table 1, when P is a 2-torsion point there are many possible values of Q at the beginning of each iteration in Fig. 1.
(Table 1) Possible values of Q at the beginning of each iteration in Fig. 1
In the case of BRIP, there are only two possible output values of Q (either R or P + R) depending on the value of d_i, no matter what the value of Q was at the beginning of this iteration. In the case of the proposed countermeasure, there are many possible output values of Q depending on the value of $Q = \sum_{k=i}^{n-1} 2^{k-i}\bigl(d_k P + (d_k + s_k) R\bigr)$. Moreover, the values of Q differ at each execution because the random point R is randomly updated by a random number r. Therefore, the proposed countermeasure is resistant not only against various power analysis attacks like DPA but also against the new SPA.
As a special case, if the random point R in Step 2 of Fig. 1 is updated not by a random projective coordinate but by the multiplication-by-2 map, this countermeasure is susceptible to the doubling attack. Therefore, the random point R should be carefully and randomly updated.
Ⅳ. Conclusion
This letter presents a countermeasure against several types of DPA as well as the new SPA based on 2-torsion points. The computational cost of the proposed countermeasure is very low compared to the previous methods, which rely on other blinding techniques or on a simple SPA countermeasure. Notice especially that the proposed countermeasure is a more general countermeasure which can be applied to ECC as well as RSA systems without an inverse operation.
References
- [1] P. Kocher, J. Jaffe and B. Jun, 'Differential Power Analysis,' CRYPTO'99, LNCS 1666, pp. 388-397, Springer-Verlag, 1999
- [2] J. Coron, 'Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems,' CHES'99, LNCS 1717, pp. 292-302, Springer-Verlag, 1999
- [3] K. Okeya and K. Sakurai, 'Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack,' INDOCRYPT'00, LNCS 1977, pp. 178-190, Springer-Verlag, 2000
- [4] P. Liardet and N. Smart, 'Preventing SPA/DPA in ECC Systems using the Jacobi Form,' CHES'01, LNCS 2162, pp. 391-401, Springer-Verlag, 2001
- [5] M. Joye and J. Quisquater, 'Hessian Elliptic Curves and Side-Channel Attacks,' CHES'01, LNCS 2162, pp. 402-410, Springer-Verlag, 2001
- [6] L. Goubin, 'A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems,' PKC'03, LNCS 2567, pp. 199-210, Springer-Verlag, 2003
- [7] T. Akishita and T. Takagi, 'Zero-Value Point Attacks on Elliptic Curve Cryptosystem,' ISC'03, LNCS 2851, pp. 218-233, Springer-Verlag, 2003
- [8] P. A. Fouque and F. Valette, 'The Doubling Attack - Why Upwards Is Better than Downwards,' CHES'03, LNCS 2779, pp. 269-280, Springer-Verlag, 2003
- [9] N. P. Smart, 'An Analysis of Goubin's Refined Power Analysis Attack,' CHES'03, LNCS 2779, pp. 281-290, Springer-Verlag, 2003
- [10] H. Mamiya, A. Miyaji, and H. Morimoto, 'Efficient Countermeasure against RPA, DPA, and SPA,' CHES'04, LNCS 3156, pp. 343-356, Springer-Verlag, 2004
- [11] S. Yen, W. Lien, S. Moon, and J. Ha, 'Power Analysis by Exploiting Chosen Message and Internal Collisions - Vulnerability of Checking Mechanism for RSA-Decryption,' MYCRYPT'05, LNCS 3715, pp. 183-195, Springer-Verlag, 2005
- [12] C. K. Kim, J. C. Ha, S. H. Kim, S. K. Kim, S. M. Yen, and S. J. Moon, 'A Secure and Practical CRT-based RSA to Resist Side Channel Attacks,' ICCSA'04, LNCS 3043, pp. 150-158, Springer-Verlag, 2004
- [13] C. Clavier and M. Joye, 'Universal Exponentiation Algorithm,' CHES'01, LNCS 2162, pp. 300-308, Springer-Verlag, 2001
- [14] B. C. Mames, M. Ciet, and M. Joye, 'Low-Cost Solutions for Preventing Simple Side-Channel Analysis: Side-Channel Atomicity,' IEEE Transactions on Computers, vol. 53, no. 6, June 2004
- [15] National Institute of Standards and Technology, Digital Signature Standard, FIPS 186-2, Feb. 2000