
Improved Zero Value Attack on XTR

  • Conference paper
Information Security and Privacy (ACISP 2005)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 3574)

Abstract

In 2000, Lenstra and Verheul presented the XTR public key system, which uses a subgroup of the multiplicative group GF(p^6)* with a compact representation. In two other papers, Han et al. analyzed the security of the XTR algorithms presented by Lenstra and Verheul in 2000 against power analysis. In particular, they showed that the XTR Single Exponentiation (XTR-SE) is vulnerable to a modification of the Refined Power Analysis (MRPA), and they presented a countermeasure based on the XTR double exponentiation. In the first part of this paper, we show that this countermeasure is not effective for some particular inputs: for these inputs, an attacker has a probability of 2/3 of retrieving the secret exponent with only one power measurement. In the second part, we show that none of the inputs used by Han et al. for MRPA are valid inputs for XTR. As one of these dangerous inputs can also be obtained by fault injection, we discuss the different attack scenarios and their respective countermeasures.



© 2005 Springer-Verlag Berlin Heidelberg


Cite this paper

Bevan, R. (2005). Improved Zero Value Attack on XTR. In: Boyd, C., González Nieto, J.M. (eds) Information Security and Privacy. ACISP 2005. Lecture Notes in Computer Science, vol 3574. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506157_18

  • DOI: https://doi.org/10.1007/11506157_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26547-4

  • Online ISBN: 978-3-540-31684-8

  • eBook Packages: Computer Science (R0)
