Power attacks on a side-channel resistant elliptic curve implementation

2004 ◽  
Vol 91 (1) ◽  
pp. 29-32 ◽  
Author(s):  
Willi Geiselmann ◽  
Rainer Steinwandt

2021 ◽  
Vol 21 (3) ◽  
pp. 1-20
Author(s):  
Mohamad Ali Mehrabi ◽  
Naila Mukhtar ◽  
Alireza Jolfaei

Many Internet of Things applications in smart cities use elliptic-curve cryptosystems due to their efficiency compared to other well-known public-key cryptosystems such as RSA. One of the important components of an elliptic-curve-based cryptosystem is the elliptic-curve point multiplication which has been shown to be vulnerable to various types of side-channel attacks. Recently, substantial progress has been made in applying deep learning to side-channel attacks. Conceptually, the idea is to monitor a core while it is running encryption for information leakage of a certain kind, for example, power consumption. The knowledge of the underlying encryption algorithm can be used to train a model to recognise the key used for encryption. The model is then applied to traces gathered from the crypto core in order to recover the encryption key. In this article, we propose an RNS GLV elliptic curve cryptography core which is immune to machine learning and deep learning based side-channel attacks. The experimental analysis confirms the proposed crypto core does not leak any information about the private key and therefore it is suitable for hardware implementations.


Author(s):  
Alejandro Cabrera Aldaya ◽  
Billy Bob Brumley

An online template attack (OTA) is a powerful technique previously used to attack elliptic curve scalar multiplication algorithms. This attack has only been analyzed in the realm of power consumption and EM side channels, where the signals leak related to the value being processed. However, microarchitecture signals have no such feature, invalidating some assumptions from previous OTA works. In this paper, we revisit previous OTA descriptions, proposing a generic framework and evaluation metrics for any side-channel signal. Our analysis reveals OTA features not previously considered, increasing its application scenarios and requiring a fresh countermeasure analysis to prevent it. In this regard, we demonstrate that OTAs can work in the backward direction, allowing an augmented projective coordinates attack to be mounted with respect to the proposal by Naccache, Smart and Stern (Eurocrypt 2004). This demonstrates that randomizing the initial targeted algorithm state does not prevent the attack, as believed in previous works. We analyze three libraries, libgcrypt, mbedTLS, and wolfSSL, using two microarchitecture side channels. For the libgcrypt case, we target its EdDSA implementation using the Curve25519 twist curve. We obtain similar results for mbedTLS and wolfSSL with curve secp256r1. For each library, we execute extensive attack instances that are able to recover the complete scalar in all cases using a single trace. This work demonstrates that microarchitecture online template attacks are also very powerful in this scenario, recovering secret information without knowing a leakage model. This highlights the importance of developing secure-by-default implementations, instead of fix-on-demand ones.


2009 ◽  
Vol 35 (2) ◽  
pp. 329-338 ◽  
Author(s):  
Santosh Ghosh ◽  
Monjur Alam ◽  
Dipanwita Roy Chowdhury ◽  
Indranil Sen Gupta

2021 ◽  
Vol 11 (4) ◽  
pp. 43
Author(s):  
Bikash Poudel ◽  
Arslan Munir ◽  
Joonho Kong ◽  
Muazzam A. Khan

The elliptic curve cryptosystem (ECC) has been proven to be vulnerable to non-invasive side-channel analysis attacks, such as timing, power, visible light, electromagnetic emanation, and acoustic analysis attacks. In ECC, the scalar multiplication component is considered to be highly susceptible to side-channel attacks (SCAs) because it consumes the most power and leaks the most information. In this work, we design a robust asynchronous circuit for scalar multiplication that is resistant to state-of-the-art timing, power, and fault analysis attacks. We leverage the genetic algorithm with multi-objective fitness function to generate a standard Boolean logic-based combinational circuit for scalar multiplication. We transform this circuit into a multi-threshold dual-spacer dual-rail delay-insensitive logic (MTD3L) circuit. We then design point-addition and point-doubling circuits using the same procedure. Finally, we integrate these components together into a complete secure and dependable ECC processor. We design and validate the ECC processor using Xilinx ISE 14.7 and implement it in a Xilinx Kintex-7 field-programmable gate array (FPGA).


Author(s):  
Alejandro Cabrera Aldaya ◽  
Cesar Pereida García ◽  
Billy Bob Brumley

At EUROCRYPT 2004, Naccache et al. showed that the projective coordinates representation of the resulting point of an elliptic curve scalar multiplication potentially allows recovery of some bits of the scalar. However, this attack has received little attention from the scientific community, and the status of deployed mitigations to prevent it in widely adopted cryptography libraries is unknown. In this paper, we aim to fill this gap by analyzing several cryptography libraries in this context. To demonstrate the applicability of the attack, we use a side-channel attack to exploit this vulnerability within libgcrypt in the context of ECDSA. To the best of our knowledge, this is the first practical attack instance. It targets the insecure binary extended Euclidean algorithm implementation using a microarchitectural side-channel attack that allows recovering the projective representation of the output point of scalar multiplication during ECDSA signature generation. We captured 100k traces to estimate the number of traces an attacker would need to compromise the libgcrypt ECDSA implementation, resulting in less than 2k for the commonly used elliptic curve secp256r1, demonstrating the attack feasibility. During exploitation, we found two additional vulnerabilities. However, we remark that the purpose of this paper is not merely to exploit a library but to provide an analysis of the projective coordinates vulnerability status in widely deployed open-source libraries, filling a gap between its original description in the academic literature and the adoption of countermeasures to thwart it in real-world applications.
