Cryptology ePrint Archive: Report 2014/492

Fault attacks on pairing-based protocols revisited

Sanjit Chatterjee and Koray Karabina and Alfred Menezes

Abstract: Several papers have studied fault attacks on computing a pairing value e(P,Q), where P is a public point and Q is a secret point. In this paper, we observe that these attacks are in fact effective only on a small number of pairing-based protocols, and that too only when the protocols are implemented with specific symmetric pairings. We demonstrate the effectiveness of the fault attacks on a public-key encryption scheme, an identity-based encryption scheme, and an oblivious transfer protocol when implemented with a symmetric pairing derived from a supersingular elliptic curve with embedding degree 2.

Category / Keywords: cryptographic protocols / Fault attacks, pairing-based cryptography, supersingular elliptic curves

Date: received 20 Jun 2014, last revised 10 Jul 2014

Contact author: kkarabina at fau edu

Available format(s): PDF | BibTeX Citation

Version: 20140710:141401 (All versions of this report)

Short URL: ia.cr/2014/492

Discussion forum: Show discussion | Start new discussion