Cryptology ePrint Archive: Report 2008/081
Template Attacks on ECDSA
Marcel Medwed and Elisabeth Oswald
Abstract: Template attacks have been considered exclusively in the context of implementations of symmetric cryptographic algorithms on 8-bit
devices. Within these scenarios, they have proven to be the most
powerful attacks. This is not surprising because they assume the
most powerful adversaries. In this article we investigate how
template attacks can be applied to implementations of an asymmetric
cryptographic algorithm on a 32-bit platform. The asymmetric
cryptosystem under scrutiny is the elliptic curve digital signature
algorithm (ECDSA). ECDSA is particularly suitable for 32-bit
platforms. In this article we show that even SPA resistant
implementations of ECDSA on a typical 32-bit platform succumb to
template-based SPA attacks. The only way to secure such
implementations against template-based SPA attacks is to make them
resistant against DPA attacks.
Category / Keywords: implementation / elliptic curve cryptosystem, power analysis, template attacks
Date: received 21 Feb 2008
Contact author: Elisabeth Oswald at bristol ac uk
Available format(s): PDF | BibTeX Citation
Note: Report shows the practical application of template attacks to reveal ECDSA keys of an implementation on an ARM7 platform. We hope to submit an extended version of this paper soon.
Version: 20080227:044501 (All versions of this report)
Short URL: ia.cr/2008/081
[ Cryptology ePrint archive ]