Cryptology ePrint Archive: Report 2015/882
Using Modular Extension to Provably Protect Edwards Curves Against Fault Attacks
Margaux Dugardin and Sylvain Guilley and Martin Moreau and Zakaria Najm and Pablo Rauzy
Abstract: Fault injection attacks are a real-world threat to cryptosystems, in particular asymmetric cryptography. In this paper, we focus on countermeasures which guarantee the integrity of the computation result, hence covering most existing and future fault attacks. Namely, we study the modular extension protection scheme in previously existing and newly contributed variants of the countermeasure on elliptic curve scalar multiplication (ECSM) algorithms. We find that an existing countermeasure is incorrect and we propose new “test-free” variant of the modular extension scheme that fixes it. We then formally prove the correctness and security of modular extension: specifically, the fault non-detection probability is inversely proportional to the security parameter. Finally, we implement an ECSM protected with test-free modular extension during the elliptic curve operation to evaluate the efficient of this method on Edwards and twisted Edwards curves.
Category / Keywords: implementation / fault injection attack, countermeasure, asymmetric cryptography, elliptic curve cryptography, edwards curve, modular extension
Date: received 11 Sep 2015, last revised 14 Aug 2016
Contact author: pr at ai univ-paris8 fr
Available format(s): PDF | BibTeX Citation
Note: This version corresponds to the definitive submission for the proceedings of the PROOFS 2016 workshop.
Version: 20160814:122545 (All versions of this report)
Short URL: ia.cr/2015/882
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]