Paper 2006/237

Side Channel Analysis of Practical Pairing Implementations: Which Path is More Secure?

Claire Whelan and Mike Scott

Abstract

We present an investigation into the security of three practical pairing algorithms; the Tate, Eta and Ate pairing, in terms of side channel vulnerability. These three algorithms have recently shown to be efficiently computable on the resource constrained smart card, yet no in depth side channel analysis has yet appeared in the literature. Since the secret parameter input to the pairing can potentially be entered in either of the two possible positions, there exist two avenues of attack, i.e. e(P,Q) or e(Q,P) where P is public and Q is private. We analyse the core operations fundamental to pairings and not only highlight how each implementation may potentially succumb to a side channel attack, but also show how one path is more susceptible than the other in Tate and Ate. For those who wish to deploy pairing based systems we make a simple suggestion to improve resistance to side channel attacks.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
Side Channel Analysis (SCA)Pairing Based CryptographyCorrelation Power Analysis (CPA)Tate Pairing.
Contact author(s)
cwhelan @ computing dcu ie
History
2006-07-13: revised
2006-07-13: received
See all versions
Short URL
https://ia.cr/2006/237
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2006/237,
      author = {Claire Whelan and Mike Scott},
      title = {Side Channel Analysis of Practical Pairing Implementations: Which Path is More Secure?},
      howpublished = {Cryptology {ePrint} Archive, Paper 2006/237},
      year = {2006},
      url = {https://eprint.iacr.org/2006/237}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.