Paper 2011/709

Fault Attack against Miller's algorithm

Nadia El Mrabet

Abstract

We complete the study of [23] and [27] about Miller's algorithm. Miller's algorithm is a central step to compute the Weil, Tate and Ate pairings. The aim of this article is to analyze the weakness of Miller's algorithm when it undergoes a fault attack. We prove that Miller's algorithm is vulnerable to a fault attack which is valid in all coordinate systems, through the resolution of a nonlinear system. We highlight the fact that putting the secret as the first argument of the pairing is not a countermeasure. This article is an extended version of the article [15].

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Extended version of citation [15].
Keywords
Pairing Based Cryptography, Side Channel Attacks, Fault attacks
Contact author(s)
elmrabet @ ai univ-paris8 fr
History
2011-12-31: received
Short URL
https://ia.cr/2011/709
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/709,
      author = {Nadia El Mrabet},
      title = {Fault Attack against Miller's algorithm},
      howpublished = {Cryptology ePrint Archive, Paper 2011/709},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/709}},
      url = {https://eprint.iacr.org/2011/709}
}