http://dx.doi.org/10.13089/JKIISC.2020.30.2.179

An Improved Horizontal Correlation Analysis Using Collision Characteristics on Lookup Table Based Scalar Multiplication Algorithms  

Park, Dongjun (Korea University)
Lee, Sangyub (Korea University)
Cho, Sungmin (Crypt and Tech)
Kim, HeeSeok (Korea University)
Hong, Seokhie (Korea University)
Abstract
The FBC (Fixed-Base Comb) is a method for efficiently computing scalar multiplication, the core operation of signature generation in the ECDSA (Elliptic Curve Digital Signature Algorithm), using precomputed lookup tables. Since the FBC indexes the table with the secret information and the table values are publicly known, an adversary can perform HCA (Horizontal Correlation Analysis), a single-trace side-channel attack, to recover the secret. However, HCA is a statistical analysis and requires a sufficient number of unit-operation traces extracted from one scalar multiplication trace to succeed. For the scalar multiplication in ECDSA signature generation, the number of unit-operation traces available to HCA is far smaller than in the case of RSA exponentiation, so the attack may fail. In this paper, we propose an improved HCA on lookup-table-based scalar multiplication algorithms such as FBC. The proposed attack improves HCA by increasing the number of usable unit-operation traces: collision analysis identifies the traces that process the same intermediate value. The performance of the proposed attack increases as more secure elliptic curve parameters are used.
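To make the counting argument of the abstract concrete, the following added example (not code from the paper) implements the fixed-base comb on a constructed toy curve and records, for each unit operation, which public table entry it loads; the helper names, curve parameters and scalar sizes are assumptions.

```python
# Added example (not the paper's code): fixed-base comb scalar multiplication on a
# constructed toy curve, instrumented to record the public table entry each unit
# operation (lookup + add) loads, so the exposed operations can be counted and grouped.
from functools import reduce

P_MOD, A, B = 97, 2, 3   # constructed curve y^2 = x^3 + 2x + 3 over F_97 (non-singular)
G = (3, 6)               # base point: 6^2 = 36 = 3^3 + 2*3 + 3 (mod 97)
INF = None               # point at infinity

def ec_add(P, Q):        # affine group law covering addition, doubling and P + (-P)
    if P is INF: return Q
    if Q is INF: return P
    (x1, y1), (x2, y2) = P, Q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return INF
    if P == Q:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def scalar_mul_ref(k, P):   # plain double-and-add: builds the table, checks results
    R = INF
    while k:
        if k & 1: R = ec_add(R, P)
        P, k = ec_add(P, P), k >> 1
    return R

def comb_table(P, w, d):    # public FBC table: entry a = sum_i a_i * 2^(i*d) * P
    base = [scalar_mul_ref(1 << (i * d), P) for i in range(w)]
    return [reduce(ec_add, [base[i] for i in range(w) if (a >> i) & 1], INF)
            for a in range(1 << w)]

def fbc_scalar_mul(k, table, w, d):
    """View k as w rows of d bits; for column j = d-1..0 do Q = 2Q + table[column j].
    Returns Q and the secret-dependent table index of each unit operation."""
    Q, indices = INF, []
    for j in range(d - 1, -1, -1):
        col = sum(((k >> (i * d + j)) & 1) << i for i in range(w))
        indices.append(col)
        Q = ec_add(ec_add(Q, Q), table[col])
    return Q, indices

def collision_classes(indices):   # unit operations that load the same table entry
    classes = {}
    for pos, col in enumerate(indices):
        classes.setdefault(col, []).append(pos)
    return classes
```

With ECDSA-sized parameters (a 256-bit scalar and, as an assumed setting, w = 4) one scalar multiplication yields only d = 64 unit operations, and `collision_classes` shows how many of them load the same table entry and could therefore be pooled.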
Keywords
Scalar Multiplication; Side Channel Attack; Single Trace Attack; Correlation Analysis; Collision Analysis