http://dx.doi.org/10.13089/JKIISC.2011.21.3.11

Efficient Fault Injection Attack to the Miller Algorithm in the Pairing Computation using Affine Coordinate System  

Bae, Ki-Seok (Kyungpook National University)
Park, Jea-Hoon (DTaQ)
Sohn, Gyo-Yong (Kyungpook National University)
Ha, Jae-Cheol (Hoseo University)
Moon, Sang-Jae (Kyungpook National University)
Abstract
The Miller algorithm is employed in typical pairing computations, such as the Weil, Tate and Ate pairings, for implementing ID-based cryptosystems. By analyzing Mrabet's attack, one of the fault attacks against the Miller algorithm, this paper presents an efficient fault attack in the affine coordinate system, the most basic coordinate system for constructing elliptic curves. The proposed attack is an effective model of a count check fault attack; it is verified to work well by practical fault injection experiments and can omit the probabilistic analysis that is required in the previous counter fault model.
Keywords
Pairing computation; Miller algorithm; Fault injection attack;