Unified point addition formulæ and side-channel attacks

Average point operation timings for secp160r2 curve.

Abstract

The successful application to elliptic curve cryptography of side-channel attacks, in which information about the secret key can be recovered from the observation of side channels like power consumption, timing, or electromagnetic emissions, has motivated the recent development of unified formulæ for elliptic curve point operations. In this paper, we show how an attack introduced by Walter can be improved and used against the unified formulæ of Brier, Déchène and Joye when it relies on a standard field arithmetic implementation, both in affine and projective coordinates. We also describe how the field arithmetic might be implemented to obtain more uniform operations that avoid this type of attack.

Keywords: elliptic-curve cryptography, side-channel attacks, unified point addition formulæ, projective coordinates

Reference

Douglas Stebila, Nicolas Thériault. Unified point addition formulæ and side-channel attacks. In Louis Goubin, Mitsuru Matsui, editors, Proc. Cryptographic Hardware and Embedded Systems (CHES) 2006, LNCS, vol. 4249, pp. 354-368. Springer, October 2006. © IACR.

Download

BibTeX

Funding

This research was supported by:
  • NSERC Canada Graduate Scholarship
  • Sun Microsystems Laboratories
  • CIAR
  • MITACS
  • CFI
  • ORDCF