A New Encoding Algorithm for a Multidimensional Version of the Montgomery Ladder

Author(s):  
Aaron Hutchinson ◽  
Koray Karabina
2021 ◽  
Vol 15 (1) ◽  
pp. 408-433
Author(s):  
Margaux Dugardin ◽  
Werner Schindler ◽  
Sylvain Guilley

Abstract: Extra-reductions occurring in Montgomery multiplications disclose side-channel information which can be exploited even in stringent contexts. In this article, we derive stochastic attacks to defeat Rivest-Shamir-Adleman (RSA) with Montgomery ladder regular exponentiation coupled with base blinding. Namely, we leverage on precharacterized multivariate probability mass functions of extra-reductions between pairs of (multiplication, square) in one iteration of the RSA algorithm and that of the next one(s) to build a maximum likelihood distinguisher. The efficiency of our attack (in terms of required traces) is more than double compared to the state-of-the-art. In addition to this result, we also apply our method to the case of regular exponentiation, base blinding, and modulus blinding. Quite surprisingly, modulus blinding does not make our attack impossible, and so even for large sizes of the modulus randomizing element. At the cost of larger sample sizes our attacks tolerate noisy measurements. Fortunately, effective countermeasures exist.


2021 ◽  
Vol 181 (4) ◽  
pp. 303-312
Author(s):  
Robert Dryło

Formulas for doubling, differential addition and point recovery after compression were given for many standard models of elliptic curves, and allow for scalar multiplication after compression using the Montgomery ladder algorithm and point recovery on a curve after this multiplication. In this paper we give such formulas for the twisted Jacobi intersection $au^2 + v^2 = 1$, $bu^2 + w^2 = 1$. To our knowledge such formulas were not given for this model or for the Jacobi intersection. In projective coordinates these formulas have cost $2M + 2S + 6D$ for doubling and $5M + 2S + 6D$ for differential addition, where $M$, $S$, $D$ are multiplication, squaring and multiplication by constants in a field, respectively; choosing suitable curve parameters, the cost of $D$ may be small.


2013 ◽  
pp. 562-583
Author(s):  
Michael Hutter ◽  
Erich Wenger ◽  
Markus Pelnar ◽  
Christian Pendl

In this chapter, the authors explore the feasibility of Elliptic Curve Cryptography (ECC) on Wireless Identification and Sensing Platforms (WISPs). ECC is a public-key based cryptographic primitive that has been widely adopted in embedded systems and Wireless Sensor Networks (WSNs). In order to demonstrate the practicability of ECC on such platforms, the authors make use of the passively powered WISP4.1DL UHF tag from Intel Research Seattle. They implemented ECC over 192-bit prime fields and over 191-bit binary extension fields and performed a Montgomery ladder scalar multiplication on WISPs with and without a dedicated hardware multiplier. The investigations show that when running at a frequency of 6.7 MHz, WISP tags that do not support a hardware multiplier need 8.3 seconds and only 1.6 seconds when a hardware multiplier is supported. The binary-field implementation needs about 2 seconds without support of a hardware multiplier. For the WISP, ECC over prime fields provides best performance when a hardware multiplier is available; binary-field based implementations are recommended otherwise. The use of ECC on WISPs allows the realization of different public-key based protocols in order to provide various cryptographic services such as confidentiality, data integrity, non-repudiation, and authentication.



2017 ◽  
Vol 8 (3) ◽  
pp. 241-258
Author(s):  
Thomaz Oliveira ◽  
Julio López ◽  
Francisco Rodríguez-Henríquez

2013 ◽  
Vol 385-386 ◽  
pp. 1804-1807
Author(s):  
Shi Ji Yuan ◽  
Ming Feng Sun ◽  
Zhi Hua Liu ◽  
Wen Jing Huang

The classical Montgomery ladder algorithm (MPL) is an effective way to improve the operational efficiency of elliptic curve cryptography. First, an improved MPL is proposed by loop unrolling, and then the Montgomery elliptic curve encryption and decryption process is realized using data parallel and task parallel. The experimental results show that the ratio of acceleration parallel processing efficiency can reach 70%, and the method can effectively improve the speed of elliptic curve encryption algorithm.

