http://dx.doi.org/10.13089/JKIISC.2012.22.5.1019

A fault attack on elliptic curve scalar multiplication based on Euclidean Addition Chain  

Lee, Soo Jeong (Center for Information Security Technologies, Korea University)
Cho, Sung Min (Center for Information Security Technologies, Korea University)
Hong, Seokhie (Center for Information Security Technologies, Korea University)
Abstract
Fault attacks manipulate the computation of an algorithm and obtain information about the private key from the erroneous result. They are the most powerful attacks against cryptographic devices. Currently, error detection methods and fault attacks are being actively studied. S. Pontarelli et al. introduced an error detection method in 2009 that can detect an error occurring during Elliptic Curve Scalar Multiplication (ECSM). In this paper, we present a new fault attack that can avoid the error detection method introduced by S. Pontarelli et al. We inject a bit flip error in the Euclidean Addition Chain (EAC) on the private key in ECSM and retrieve the private key.
Keywords
Elliptic Curve Scalar Multiplication; Elliptic Curve Cryptosystem; Fault Attacks; Euclidean Addition Chain;
References
1 N. Koblitz, "Elliptic curve cryptosystems," Mathematics of Computation, Vol. 48, no. 177, pp. 203-209, Jan. 1987.
2 V.S. Miller, "Use of elliptic curves in cryptography," CRYPTO'85, LNCS 218, pp. 417-426, 1986.
3 N. Meloni, "New point addition formulae for ECC Applications," WAIFI'07, LNCS 4547, pp. 189-201, Jun. 2007.
4 A. Byrne, F. Crowe, W.P. Marnane, N. Meloni, A. Tisserand, and E. Popovici, "SPA resistant elliptic curve cryptosystem using addition chains," International Journal of High Performance Systems Architecture, Vol. 1, no. 2, pp. 133-142, Oct. 2007.
5 R.R. Goundar, M. Joye and A. Miyaji, "Co-Z addition formulæ and binary ladders on elliptic curves," In: Mangard, S., Standaert, F-X. (eds.) CHES'10. LNCS 6225, pp. 65-79. Aug. 2010.
6 J. Lopez and R. Dahab, "Fast multiplication on elliptic curves over GF(2^m) without precomputation," CHES'99, LNCS 1717, pp. 316-327, Aug. 1999.
7 T. Izu and T. Takagi, "A fast parallel elliptic curve multiplication resistant against side channel attacks," PKC'02, LNCS 2274, pp. 280-296, Feb. 2002.
8 P. Kocher, "Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other Systems," Advances in Cryptology, Proc. CRYPTO'96, pp. 104-113, Aug. 1996.
9 D. Boneh, R.A. DeMillo and R.J. Lipton, "On the importance of eliminating errors in cryptographic computations," Journal of Cryptology, 2001; Extended abstract in Proc. EUROCRYPT'97, Vol. 14, no. 2, pp. 110-119, May 1997.
10 F. Bao, R.H. Deng, Y. Han, A. Jeng, A.D. Narasimhalu and T. Ngair, "Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults," Security Protocols Workshop 1997, LNCS 1361, pp. 115-124, Apr. 1997.
11 J. Schmidt and C. Herbst, "A Practical Fault attack on Square and Multiply," FDTC'08, IEEE Computer Society, pp. 53-58, Aug. 2008.
12 P. Fouque and R. Lercier, "Fault Attack on Elliptic Curve with Montgomery Ladder Implementation," FDTC'08, IEEE Computer Society, pp. 92-98, Aug. 2008.
13 I. Biehl, B. Meyer, and V. Müller, "Differential fault attacks on elliptic curve cryptosystems," CRYPTO'00, LNCS 1880, pp. 131-146, Aug. 2000.
14 M. Ciet, M. Joye, "Elliptic curve cryptosystems in the presence of permanent and transient faults," Cryptology ePrint Archive, Vol. 36, no. 1, pp. 33-43, Jul. 2005.
15 J. Blömer, M. Otto, and J. Seifert, "Sign change fault attacks on elliptic curve cryptosystems," FDTC'06, LNCS 4236, pp. 36-52, Oct. 2006.
16 J. Coron, "Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems," Proc. CHES'99, LNCS 1717, pp. 292-302, Aug. 1999.
17 A. Dominguez-Oviedo and M. Anwar Hasan, "Error Detection and Fault Tolerance in ECSM Using Input Randomization," IEEE Trans. Dependable and Secure Computing, Vol. 6, no. 3, pp. 175-187, Jul. 2009.
18 S. Pontarelli, G.C. Cardarilli, M. Re, and A. Salsano, "Error detection in addition chain based ECC point multiplication," IEEE International On-Line Testing Symposium, pp. 192-194, Jun. 2009.