• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.4 no.4
• /
• pp.318-326
• /
• 2011

Public key cryptosystem applications are very difficult in Ubiquitos environments due to computational complexity, memory and power constrains. HECC offers the same of levels of security with much shorter bit-lengths than RSA or ECC. Scalar multiplication is the core operation in HECC. T.Lange proposed inverse free scalar multiplication on genus 2 HECC. However, further coordinate must be access to SCA and need more storage space. This paper developed secure scalar multiplication algorithm with simultaneous inversion algorithm in HECC. To improve the over all performance and security, the proposed algorithm adopt the comparable technique of the simultaneous inversion algorithm. The proposed algorithm is resistant to DPA and SPA.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.65-70
• /
• 2003

In this paper, we propose a scalar multiplication method and its hardware architecture which is resistant to SPA while its computation speed is faster than Colon's. There were SPA-resistant scalar multiplication method which has performance problem. Due to this reason, the research about an efficient SPA-resistant scalar multiplication is one of important topics. The proposed architecture resists to SPA and is faster than Colon's method under the assumption that Colon's and the proposed method use same fmite field arithmetic units(multiplier and inverter). With n-bit scalar multiple, the computation cycle of the proposed is 2n·(Inversion cycle)+3(Aultiplication cycle).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.57-64
• /
• 2003

Recently, it has been shown that cryptographic devices such as smart cards are vulnerable to power attacks. In this paper, by mixing the randomization concept and the folding in half for secret scalar integer on ECCs, we propose an efficient and fast scalar multiplication algorithm to resist against simple power analysis(SPA) and differential power analysis(DPA) attacks. Our proposed algorithm as a countermeasure against SPA and DPA is estimated as a 33% speedup compared to the binary scalar multiplication.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.115-123
• /
• 2007

In cryptographic devices like a smart-card whose computing ability and memory are limited, cryptographic algorithms should be performed efficiently. Scalar multiplication is very important operation in Elliptic Curve Cryptosystems, and so must be constructed in safety against side channel attack(SCA). But several countermeasures proposed against SCA are exposed weaknesses by new un-dreamed analysis. 'Double-and-add always scalar multiplication' algorithm adding dummy operation being known to secure against SPA is exposed weakness by Doubling Attack. But Doubling Attack cannot apply to sABS receding proposed by Hedabou, that is another countermeasure against SPA. Our paper proposes new strengthened Doubling Attacks that can break sABS receding SPA-countermeasure and a detailed method of our attacks through experimental result.

• Journal of Internet of Things and Convergence
• /
• v.6 no.2
• /
• pp.25-29
• /
• 2020

The elliptic curve crypto-algorithm is widely used in authentication for IoT environment, since it has small key size and low communication overhead compare to the RSA public key algorithm. If the scalar multiplication, a core operation of the elliptic curve crypto-algorithm, is not implemented securely, attackers can find the secret key to use simple power analysis or differential power analysis. In this paper, an elliptic curve scalar multiplication algorithm using a randomized scalar and an elliptic curve point blinding is suggested. It is resistant to power analysis but does not significantly reduce efficiency. Given a random r and an elliptic curve random point R, the elliptic scalar multiplication kP = u(P+R)-vR is calculated by using the regular variant Shamir's double ladder algorithm, where l+20-bit u≡rn+k(modn) and v≡rn-k(modn) using 2^lP=∓cP for the case of the order n=2^l±c.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.29 no.5C
• /
• pp.726-736
• /
• 2004

In this paper, we proposed a new scalar multiplier structure needed for an elliptic curve cryptosystem(ECC) over the standard basis in GF(2$^{163}$ ). It consists of a bit-serial multiplier and a divider with control logics, and the divider consumes most of the processing time. To speed up the division processing, we developed a new division algorithm based on the extended Euclid algorithm. Dynamic data dependency of the Euclid algorithm has been transformed to static and fixed data flow by a localization technique, to make it independent of the input and field polynomial. Compared to other existing scalar multipliers, the new scalar multiplier requires smaller gate counts with improved processor performance. It has been synthesized using Samsung 0.18 um CMOS technology, and the maximum operating frequency is estimated 250 MHz. The resulting performance is 148 kbps, that is, it takes 1.1 msec to process a 163-bit data frame. We assure that this performance is enough to be used for digital signature, encryption/decryption, and key exchanges in real time environments.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2004.05b
• /
• pp.784-787
• /
• 2004

The most time-consuming back-bone operation in an elliptic curve cryptosystem is scalar multiplication. In this paper, we propose a method of inducing a GF operation named point quadruple operation to be used in the quad-and-add algorithm, whith was achieved by refining the traditional double-and-add algorithm. Induced expression of the algorithm was verified and proven by C program in a real model of calculation. The point quadruple operation can be used in fast and efficient implementation of scalar multiplication operation.

• The Journal of the Korea Contents Association
• /
• v.20 no.1
• /
• pp.356-363
• /
• 2020

As a becoming era of Internet-of-Things, various devices are connected via wire or wirless networks. Although every day life is more convenient, security problems are also increasing such as privacy, information leak, denial of services. Since ECC, a kind of public key cryptosystem, has a smaller key size compared to RSA, it is widely used for environmentally constrained devices. The key of ECC in constrained devices can be exposed to power analysis attacks during scalar multiplication operation. In this paper, a key-randomization method is suggested for scalar multiplication on SECG parameters. It is against differential power analysis and has operational efficiency. In order to increase of operational efficiency, the proposed method uses the property 2^lP=∓cP where the constant c is small compared to the order n of SECG parameters and n=2^l±c. The number of operation for the Coron's key-randomization scalar multiplication algorithm is 21, but the number of operation for the proposed method in this paper is (3/2)l. It has efficiency about 25% compared to the Coron's method using full random numbers.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.26 no.8
• /
• pp.1172-1179
• /
• 2022

This paper describes a design of point scalar multiplier for public-key cryptography based on binary Edwards curves (BEdC). For efficient implementation of point addition (PA) and point doubling (PD) on BEdC, projective coordinate was adopted for finite field arithmetic, and computational performance was improved because only one inversion was involved in point scalar multiplication (PSM). By applying optimizations to hardware design, the storage and arithmetic steps for finite field arithmetic in PA and PD were reduced by approximately 40%. We designed two types of point scalar multipliers for BEdC, Type-I uses one 257-b×257-b binary multiplier and Type-II uses eight 32-b×32-b binary multipliers. Type-II design uses 65% less LUTs compared to Type-I, but it was evaluated that it took about 3.5 times the PSM computation time when operating with 240 MHz. Therefore, the BEdC crypto core of Type-I is suitable for applications requiring high-performance, and Type-II structure is suitable for applications with limited resources.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2001.11a
• /
• pp.132-138
• /
• 2001

본 논문에서는 타원곡선 스칼라 곱셈에 대하여 새로운 형태의 hardware fault cryptanalysis를 적용해 보고, 이에 대한 대응방법으로서 비밀키 blinding방법을 제안하고 있다. 또한 비밀키 blinding 방법을 사용함으로써 늘어나는 연산량을 기존의 대응 방법과 비교하고, 이러한 비밀키 blinding방법이 사용될 수 있는 범위에 대해 다루고 있다.