Skip to main content
SpringerLink
Log in

Side Channel Attack on Ha-Moon’s Countermeasure of Randomized Signed Scalar Multiplication

  • Conference paper
Progress in Cryptology - INDOCRYPT 2003 (INDOCRYPT 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2904))

Included in the following conference series:

Abstract

Side channel attacks (SCA) are serious attacks on mobile devices. In SCA, the attacker can observe the side channel information while the device performs the cryptographic operations, and he/she can detect the secret stored in the device using such side channel information. Ha-Moon proposed a novel countermeasure against side channel attacks in elliptic curve cryptosystems (ECC). The countermeasure is based on the signed scalar multiplication with randomized concept, and does not pay the penalty of speed. Ha-Moon proved that the countermeasure is secure against side channel attack theoretically, and confirmed its immunity experimentally. Thus Ha-Moon’s countermeasure seems to be very attractive. In this paper we propose a novel attack against Ha-Moon’s countermeasure, and show that the countermeasure is vulnerable to the proposed attack. The proposed attack utilizes a Markov chain for detecting the secret. The attacker determines the transitions in the Markov chain using side channel information, then detects the relation between consecutive two bits of the secret key, instead of bits of the secret key as they are. The use of such relations drastically reduces the search space for the secret key, and the attacker can easily reveal the secret. In fact, around twenty observations of execution of the countermeasure are sufficient to detect the secret in the case of the standard sizes of ECC. Therefore, Ha-Moon’s countermeasure is not recommended for cryptographic use.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Brier, É., Joye, M.: Weierstrass Elliptic Curves and Side-Channel Attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335–345. Springer, Heidelberg (2002)

    Google Scholar 

  2. Cohen, H., Miyaji, A., Ono, T.: Efficient Elliptic Curve Exponentiation Using Mixed Coordinates. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 51–65. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  3. Coron, J.S.: Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  4. Ebeid, N., Hasan, A.: Analysis ofDPA Countermeasures Based on Randomizing the Binary Algorithm, Technical Report of the University of Waterloo, No. CORR 2003-14, http://www.cacr.math.uwaterloo.ca/techreports/2003/corr2003-14.ps

  5. Fischer, W., Giraud, C., Knudsen, E.W., Seifert, J.P.: Parallel scalar multiplication on general elliptic curves over \(\mathbb{F}\) p hedged against Non-Differential Side-Channel Attacks. In: International Association for Cryptologic Research (IACR), Cryptology ePrint Archive 2002/007 (2002), http://eprint.iacr.org/2002/007/

  6. Ha, J., Moon, S.: Randomized Signed-Scalar Multiplication of ECC to Resist Power Attacks. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 551–563. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  7. Han, D.-G., Chang, N.S., Jung, S.W., Park, Y.-H., Kim, C.H., Ryu, H.: Cryptanalysis of the Full version Randomized Addition-Subtraction Chains. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 67–78. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  8. Itoh, K., Yajima, J., Takenaka, M., Torii, N.: DPA Countermeasures by improving the Window Method. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 318–332. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Izu, T., Takagi, T.: A Fast Parallel Elliptic Curve Multiplication Resistant against Side Channel Attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 280–296. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  10. Joye, M., Quisquater, J.J.: Hessian elliptic curves and side-channel at- tacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 402–410. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  11. Joye, M., Tymen, C.: Protections against differential analysis for elliptic curve cryptography: An algebraic approach. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 377–390. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  12. Koblitz, N.: Elliptic curve cryptosystems. Math. Comp. 48, 203–209 (1987)

    Article  MATH  MathSciNet  Google Scholar 

  13. Kocher, C.: Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  14. Kocher, C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)

    Google Scholar 

  15. Liardet, P.Y., Smart, N.P.: Preventing SPA/DPA in ECC systems using the Jacobi form. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 391–401. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  16. Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)

    Google Scholar 

  17. Müller, B.: Securing Elliptic Curve Point Multiplication against Side-Channel Attacks. In: Davida, G.I., Frankel, Y. (eds.) ISC 2001. LNCS, vol. 2200, pp. 324–334. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  18. Müller, B.: Securing elliptic curve point multiplication against side-channel attacks, addendum: Efficiency improvement (2001), http://www.informatik.tu-darmstadt.de/TI/Mitarbeiter/moeller/ecc-scaisc01.pdf

  19. Oswald, E., Aigner, M.: Randomized Addition-Subtraction Chains as a Countermeasure against Power Attacks. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 39–50. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  20. Okeya, K., Miyazaki, K., Sakurai, K.: A Fast Scalar Multiplication Method with Randomized Projective Coordinates on a Montgomery-form Elliptic Curve Secure against Side Channel Attacks. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 428–439. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  21. Okeya, K., Sakurai, K.: Power Analysis Breaks Elliptic Curve Cryptosys-tems even Secure against the Timing Attack. In: Roy, B., Okamoto, E. (eds.) INDOCRYPT 2000. LNCS, vol. 1977, pp. 178–190. Springer, Heidelberg (2000)

    Google Scholar 

  22. Okeya, K., Sakurai, K.: On Insecurity of the Side Channel Attack Coun-termeasure using Addition-Subtraction Chains under Distinguishability between Addition and Doubling. In: Batten, L.M., Seberry, J. (eds.) ACISP 2002. LNCS, vol. 2384, pp. 420–435. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  23. Okeya, K., Sakurai, K.: A Multiple Power Analysis Breaks the Advanced Version of the Randomized Addition-Subtraction Chains Countermeasure against Side Channel Attacks. In: The proceedings of2003 IEEE Information Theory Workshop (ITW 2003), pp. 175–178 (2003)

    Google Scholar 

  24. Okeya, K., Takagi, T.: The Width-w NAF Method Provides Small Memory and Fast Elliptic Scalar Multiplications Secure against Side Channel Attacks. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 328–342. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  25. Walter, C.D.: MIST: An Efficient, Randomized Exponentiation Algorithm for Resisting Power Analysis. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 53–66. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  26. Walter, C.D.: Some Security Aspects of the Mist Randomized Exponentiation Algorithm. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 564–578. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  27. Walter, C.D.: Breaking the Liardet-Smart Randomized Exponentiation Algorithm. In: Proceedings of CARDIS 2002, USENIX Assoc., pp. 59–68 (2002)

    Google Scholar 

  28. Walter, C.D.: Security Constraints on the Oswald-Aigner Exponentiation Algorithm. In: International Association for Cryptologic Research (IACR), Cryptology ePrint Archive 2003/013 (2003), http://eprint.iacr.org/2003/013/

  29. Walter, C.D.: Seeing through Mist Given a Small Fraction of an RSA Private Key. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 391–402. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Hitachi, Ltd., Systems Development Laboratory, 292, Yoshida-cho, Totsuka-ku, Yokohama, 244-0817, Japan

    Katsuyuki Okeya

  2. Center for Information and Security Technologies (CIST), Korea University, Seoul, KOREA

    Dong-Guk Han

Authors
  1. Katsuyuki Okeya
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dong-Guk Han
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dept. of Electrical and Information Technology, Lund University, P.O. Box 118, 221 00, Lund, Sweden

    Thomas Johansson

  2. Indian Statistical Institute, 203 B T Road, 700 108, Kolkata, India

    Subhamoy Maitra

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Okeya, K., Han, DG. (2003). Side Channel Attack on Ha-Moon’s Countermeasure of Randomized Signed Scalar Multiplication. In: Johansson, T., Maitra, S. (eds) Progress in Cryptology - INDOCRYPT 2003. INDOCRYPT 2003. Lecture Notes in Computer Science, vol 2904. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24582-7_25

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24582-7_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20609-5

  • Online ISBN: 978-3-540-24582-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation