**Parallel scalar multiplication on general elliptic curves over $\mathbb{F}_p$ hedged against Non-Differential Side-Channel Attacks**

*Wieland Fischer and Christophe Giraud and Erik Woodward Knudsen and Jean-Pierre Seifert*

**Abstract: **For speeding up elliptic curve scalar multiplication and making it secure against side-channel attacks such as timing or power analysis, various
methods have been proposed using specifically chosen elliptic curves. We show that both goals can be achieved simultaneously even for conventional
elliptic curves over $\mathbb{F}_p$. This result is shown via two facts.
First, we recall the known fact that every elliptic curve over $\mathbb{F}_p$ admits a scalar
multiplication via a (Montgomery ladder) Lucas chain.
As such chains are known to be resistant against timing- and simple power/electromagnetic
radiation analysis attacks, the security of our scalar multiplication against timing and
simple power/electromagnetic radiation analysis follows.
Second, we show how to parallelize the 19 multiplications within the resulting
\lq\lq double" and \lq\lq add" formulas of the Lucas chain for the
scalar multiplication.
This parallelism together with the Lucas chain results in 10 parallel field multiplications per bit of the scalar.

Finally, we also report on a concrete successful implementation of the above mentioned scalar multiplication algorithm on a very recently developed and commercially available coprocessor for smart cards.

**Category / Keywords: **implementation / Elliptic Curves, Power Analysis, Efficient and Parallel Implementation, Scalar Multiplication

**Date: **received 9 Jan 2002

**Contact author: **Jean-Pierre Seifert at infineon com

**Available format(s): **Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

**Version: **20020109:194111 (All versions of this report)

**Short URL: **ia.cr/2002/007

[ Cryptology ePrint archive ]