Cryptology ePrint Archive: Report 2014/191

Side-Channel Analysis on Blinded Regular Scalar Multiplications

Benoit Feix and Mylène Roussellet and Alexandre Venelli

Abstract: We present a new side-channel attack path threatening state-of-the-art protected implementations of elliptic curves embedded scalar multiplications. Regular algorithms such as the double-and-add-always and the Montgomery ladder are commonly used to protect the scalar multiplication from simple side-channel analysis. Combining such algorithms with scalar and/or point blinding countermeasures lead to scalar multiplications protected from all known attacks. Scalar randomization, which consists in adding a random multiple of the group order to the scalar value, is a popular countermeasure due to its efficiency. Amongst the several curves defined for usage in elliptic curves products, the most used are those standardized by the NIST. The modulus, hence the orders, of these curves are sparse, primarily for efficiency reasons. In this paper, we take advantage of this specificity to present new attack paths and recover the secret scalar of state-of-the-art protected elliptic curve implementations.

Category / Keywords: implementation / Elliptic curves, Scalar multiplication, Side-channel analysis, Correlation analysis

Date: received 12 Mar 2014, last revised 25 Jun 2014

Contact author: alexandre venelli at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20140625:135246 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]