Efficient Fault Injection Attack to the Miller Algorithm in the Pairing Computation using Affine Coordinate System

Effective Fault Injection Attack on the Miller Algorithm in Pairing Computation Using Affine Coordinates

  • Received : 2010.08.12
  • Accepted : 2011.03.18
  • Published : 2011.06.30

Abstract

The Miller algorithm is employed in typical pairing computations such as the Weil, Tate and Ate pairings used to implement ID-based cryptosystems. By analyzing Mrabet's attack, one of the fault attacks against the Miller algorithm, this paper presents an efficient fault attack in the affine coordinate system, the most basic coordinate system for representing elliptic curves. The proposed attack is an effective model of the count check fault attack (a fault injected into the branch that checks the loop count); it is verified to work by practical fault injection experiments and can omit the probabilistic analysis required in the previous counter fault model.

In pairing computation techniques such as Weil, Tate and Ate used to implement ID-based cryptosystems, the Miller algorithm is employed. This study analyzes Mrabet's method, one of the fault attacks on the Miller algorithm, and proposes an effective fault injection attack in the affine coordinate system, the most basic coordinate system for representing elliptic curves. The proposed fault injection attack is a model that injects a fault into the branch statement that determines the loop count of the Miller algorithm, and it was verified by performing actual laser injection experiments. This model is effective because it can omit the probabilistic analysis required by the existing loop-count fault technique.

Acknowledgement

Supported by: Korea Research Foundation (한국학술진흥재단)

References

  1. D. Boneh and M. Franklin, "Identity based encryption from the Weil Pairing," Advances in Cryptology, Crypto 2001, LNCS 2139, pp. 213-229, 2001.
  2. J.C. Cha and J.H. Cheon, "An Identity-Based Signature from Gap Diffie-Hellman Groups," Proc. of PKC 2003, LNCS 2567, pp. 18-30, 2003.
  3. F. Hess, "Exponent group signature schemes and efficient identity based signature schemes based on pairing," Proc. of SAC 2002, LNCS 2595, pp. 310-324, 2002.
  4. K.G. Paterson, "ID-based signature from pairings on elliptic curves," Electronics Letters, vol. 38, no. 18, pp. 1025-1026, Aug. 2002. https://doi.org/10.1049/el:20020682
  5. A. Joux, "A One Round Protocol for Tripartite Diffie-Hellman," Proc. of Algorithmic Number Theory, LNCS 1838, pp. 385-393, 2000.
  6. D. Boneh, B. Lynn, and H. Shacham, "Short Signatures from the Weil Pairing," Journal of Cryptology, vol. 17, no. 4, pp. 297-319, Sep. 2004.
  7. N.P. Smart, "An identity based authentication key agreement protocol based on pairing," Electronics Letters, vol. 38, no. 13, pp. 630-632, June 2002. https://doi.org/10.1049/el:20020387
  8. C. Kim, J. Ha, and S. Moon, "A Blinding-Based Scalar Multiplication Algorithm Secure against Power Analysis Attacks," Journal of the Korea Institute of Information Security and Cryptology (정보보호학회논문지), vol. 17, no. 3, pp. 117-121, June 2007.
  9. D. Page and F. Vercauteren, "A Fault Attack on Pairing-Based Cryptography," IEEE Transactions on Computers, vol. 55, no. 9, pp. 1075-1080, Sep. 2006. https://doi.org/10.1109/TC.2006.134
  10. C. Whelan and M. Scott, "The Importance of the Final Exponentiation in Pairings when considering Fault Attacks," Proc. of Pairing 2007, LNCS 4575, pp. 225-246, 2007.
  11. N.E. Mrabet, "What about Vulnerability to a Fault Attack of the Miller's Algorithm During an Identity Based Protocol?," Advances in Information Security and Assurance - ISA'09, LNCS 5576, pp. 122-134, June 2009.
  12. I.M. Duursma and H.S. Lee, "Tate Pairing Implementation for Hyperelliptic Curves $y^2=x^p-x+d$," Advances in Cryptology - Asiacrypt 2003, LNCS 2894, pp. 111-123, 2003.
  13. P. Barreto, S. Galbraith, C. O'hEigeartaigh, and M. Scott, "Efficient Pairing Computation on Supersingular Abelian Varieties," IACR ePrint 2004/375, Sep. 2005.
  14. S. Kwon, "Efficient Tate Pairing Computation for Supersingular Elliptic Curves over Binary Fields," IACR ePrint 2004/303, Nov. 2004.
  15. P. Barreto, H. Kim, B. Lynn, and M. Scott, "Efficient Algorithms for Pairing Based Cryptosystems," Advances in Cryptology - CRYPTO 2002, LNCS 2442, pp. 354-368, 2002.
  16. F. Hess, N.P. Smart, and F. Vercauteren, "The Eta Pairing Revisited," IEEE Transactions on Information Theory, vol. 52, no. 10, pp. 4595-4602, Oct. 2006. https://doi.org/10.1109/TIT.2006.881709
  17. J. Lopez and R. Dahab, "Improved Algorithms for Elliptic Curve Arithmetic in ," Proc. of SAC'98, LNCS 1556, pp. 201-212, 1998.
  18. J. Silverman, The Arithmetic of Elliptic Curves, Springer-Verlag, 1986.
  19. V. Miller, "The Weil Pairing, and its Efficient Calculation," Journal of Cryptology, vol. 17, no. 4, pp. 235-261, Sep. 2004.
  20. R. Anderson and S. Skorobogatov, "Optical fault induction attacks," CHES 2002, LNCS 2523, pp. 31-48, 2003.
  21. J. Park, S. Moon, and J. Ha, "An Experimental Study on Optical Fault Injection Attacks against the CRT-RSA Cryptosystem," Journal of the Korea Institute of Information Security and Cryptology (정보보호학회논문지), vol. 19, no. 3, pp. 51-59, June 2009.
  22. P. Kocher, J. Jaffe, and B. Jun, "Differential Power Analysis," CRYPTO 1999, LNCS 1666, pp. 388-397, 1999.
  23. NTL, A Library for doing Number Theory, http://www.shoup.net/ntl/
  24. D.G. Cantor and H. Zassenhaus, "A New Algorithm for Factoring Polynomials Over Finite Fields," Mathematics of Computation, vol. 36, pp. 587-592, 1981. https://doi.org/10.1090/S0025-5718-1981-0606517-5
  25. D.V. Chudnovsky and G.V. Chudnovsky, "Sequences of numbers generated by addition in formal groups and new primality and factorization tests," Advances in Applied Mathematics, vol. 7, no. 4, pp. 385-434, Dec. 1986. https://doi.org/10.1016/0196-8858(86)90023-0
  26. M. Maas, "Pairing-Based Cryptography," Master Thesis, Technische Universiteit Eindhoven, 2004.