10 research outputs found
Regular Ternary Algorithm for Scalar Multiplication on Elliptic Curves over Finite Fields of Characteristic Three
In this paper we propose an efficient and regular ternary algorithm for scalar multiplication on elliptic curves over finite fields of characteristic three.
This method is based on full signed ternary expansion of a scalar to be multiplied. The cost per bit of this algorithm is lower than that of all previous ones
Algorithms and cryptographic protocols using elliptic curves
En els darrers anys, la criptografia amb corbes el.líptiques ha
adquirit una importància creixent, fins a arribar a formar part en
la actualitat de diferents estàndards industrials. Tot i que s'han
dissenyat variants amb corbes el.líptiques de criptosistemes
clàssics, com el RSA, el seu màxim interès rau en la seva
aplicació en criptosistemes basats en el Problema del Logaritme
Discret, com els de tipus ElGamal. En aquest cas, els
criptosistemes el.líptics garanteixen la mateixa seguretat que els
construïts sobre el grup multiplicatiu d'un cos finit primer, però
amb longituds de clau molt menor.
Mostrarem, doncs, les bones propietats d'aquests criptosistemes,
així com els requeriments bàsics per a que una corba
sigui criptogràficament útil, estretament relacionat amb la seva
cardinalitat. Revisarem alguns mètodes que permetin descartar
corbes no criptogràficament útils, així com altres que permetin
obtenir corbes bones a partir d'una de donada. Finalment,
descriurem algunes aplicacions, com són el seu ús en Targes
Intel.ligents i sistemes RFID, per concloure amb alguns avenços
recents en aquest camp.The relevance of elliptic curve cryptography has grown in recent
years, and today represents a cornerstone in many industrial
standards. Although elliptic curve variants of classical
cryptosystems such as RSA exist, the full potential of elliptic
curve cryptography is displayed in cryptosystems based on the
Discrete Logarithm Problem, such as ElGamal. For these, elliptic
curve cryptosystems guarantee the same security levels as their
finite field analogues, with the additional advantage of using
significantly smaller key sizes.
In this report we show the positive properties of elliptic curve
cryptosystems, and the requirements a curve must meet to be
useful in this context, closely related to the number of points.
We survey methods to discard cryptographically uninteresting
curves as well as methods to obtain other useful curves from
a given one. We then describe some real world applications
such as Smart Cards and RFID systems and conclude with a
snapshot of recent developments in the field
An Analysis of ZVP-Attack on ECC Cryptosystems
Elliptic curve cryptography (ECC) is an efficient public cryptosystem with
a short key size. For this reason it is suitable for implementing on memory-constraint
devices such as smart cards, mobile devices, etc. However, these devices leak information
about their private key through side channels (power consumption, electromagnetic
radiation, timing etc) during cryptographic processing. In this paper we have examined
countermeasures against a specific class of side channel attacks (power analysis) called
Zero-Value Point Attack (ZVP), using elliptic curve isomorphism and isogeny. We found
that these methods are an efficient way of securing cryptographic devices using ECC
against ZVP attack. Our main contribution is to extend the work of Akishita and Takagi
[3,2] to binary fields. We also provide a more detail analysis of the ZVP attack over
prime fields
Fast and Regular Algorithms for Scalar Multiplication over Elliptic Curves
Elliptic curve cryptosystems are more and more widespread in everyday-life applications. This trend should still gain momentum in coming years thanks to the exponential security enjoyed by these systems compared to the subexponential security of other systems such as RSA. For this reason, efficient elliptic curve arithmetic is still a hot topic for cryptographers. The core operation of elliptic curve cryptosystems is the scalar multiplication which multiplies some point on an elliptic curve by some (usually secret) scalar. When such an operation is implemented on an embedded system such as a smart card, it is subject to {\em side channel attacks}. To withstand such attacks, one must constrain the scalar multiplication algorithm to be {\em regular}, namely to have an operation flow independent of the input scalar. A large amount of work has been published that focus on efficient and regular scalar multiplication and the choice leading to the best performances in practice is not clear. In this paper, we look into this question for general-form elliptic curves over large prime fields and we complete the current state-of-the-art. One of the fastest low-memory algorithms in the current literature is the Montgomery ladder using co- Jacobian arithmetic {\em with and coordinates only}. We detail the regular implementation of this algorithm with various trade-offs and we introduce a new binary algorithm achieving comparable performances. For implementations that are less constrained in memory, windowing techniques and signed exponent recoding enable reaching better timings. We survey regular algorithms based on such techniques and we discuss their security with respect to side-channel attacks. On the whole, our work give a clear view of the currently best time-memory trade-offs for regular implementation of scalar multiplication over prime-field elliptic curves
Survey for Performance & Security Problems of Passive Side-channel Attacks Countermeasures in ECC
The main objective of the Internet of Things is to interconnect everything around us to obtain information which was unavailable to us before, thus enabling us to make better decisions. This interconnection of things involves security issues for any Internet of Things key technology. Here we focus on elliptic curve cryptography (ECC) for embedded devices, which offers a high degree of security, compared to other encryption mechanisms. However, ECC also has security issues, such as Side-Channel Attacks (SCA), which are a growing threat in the implementation of cryptographic devices. This paper analyze the state-of-the-art of several proposals of algorithmic countermeasures to prevent passive SCA on ECC defined over prime fields. This work evaluates the trade-offs between security and the performance of side-channel attack countermeasures for scalar multiplication algorithms without pre-computation, i.e. for variable base point.
Although a number of results are required to study the state-of-the-art of side-channel attack in elliptic curve cryptosystems, the interest of this work is to present explicit solutions that may be used for the future implementation of security mechanisms suitable for embedded devices applied to Internet of Things. In addition security problems for the countermeasures are also analyzed
Zero-Value Point Attacks on Elliptic Curve Cryptosystem
The di#erential power analysis (DPA) might break the implementation of elliptic curve cryptosystem (ECC) on memory constraint devices. Goubin proposed a variant of DPA using the point (0, y), which is not randomized in Jacobian coordinates or in the isomorphic class. This point often exists in the standard curves, and we have to care this attack
Key Randomization Countermeasures to Power Analysis Attacks on Elliptic Curve Cryptosystems
It is essential to secure the implementation of cryptosystems in
embedded devices agains side-channel attacks. Namely, in order to
resist differential (DPA) attacks, randomization techniques should be
employed to decorrelate the data processed by the device from
secret key parts resulting in the value of this data. Among the
countermeasures that appeared in the literature were those that
resulted in a random representation of the key known as the binary
signed digit representation (BSD). We have discovered some interesting
properties related to the number of possible BSD representations for
an integer and we have proposed a different randomization
algorithm. We have also carried our study to the -adic
representation of integers which is employed in elliptic curve
cryptosystems (ECCs) using Koblitz curves. We have then dealt with
another randomization countermeasure which is based on randomly
splitting the key. We have investigated the secure employment of this
countermeasure in the context of ECCs