Randomizing scalar multiplication using exact covering systems of congruences

Eleonora Guerrini; Laurent Imbert; Théo Winterhalter

Paper 2015/475

Randomizing scalar multiplication using exact covering systems of congruences

Eleonora Guerrini, Laurent Imbert, and Théo Winterhalter

Abstract

A covering system of congruences can be defined as a set of congruence relations of the form: ${r_{1} (\mod m_{1}), r_{2} (\mod m_{2}), \dots, r_{t} (\mod m_{t})}$ for $m_{1}, \dots, m_{t} \in \N$ satisfying the property that for every integer $k$ in $\Z$ , there exists at least an index $i \in {1, \dots, t}$ such that $k \equiv r_{i} (\mod m_{i})$ . First, we show that most existing scalar multiplication algorithms can be formulated in terms of covering systems of congruences. Then, using a special form of covering systems called exact $n$ -covers, we present a novel uniformly randomized scalar multiplication algorithm that may be used to counter differential side-channel attacks, and more generally physical attacks that require multiple executions of the algorithm. This algorithm can be an alternative to Coron's scalar blinding technique for elliptic curves, in particular when the choice of a particular finite field tailored for speed compels to use a large random factor.

Note: Updated version

Metadata

Available format(s): PDF
Publication info: Preprint. MINOR revision.
Keywords: Scalar multiplication side-channel attacks randomized algorithms covering systems of congruence
Contact author(s): laurent imbert @ lirmm fr
History: 2016-02-12: revised; 2015-05-19: received; See all versions
Short URL: https://ia.cr/2015/475
License: CC BY

BibTeX

@misc{cryptoeprint:2015/475,
      author = {Eleonora Guerrini and Laurent Imbert and Théo Winterhalter},
      title = {Randomizing scalar multiplication using exact covering systems of congruences},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/475},
      year = {2015},
      url = {https://eprint.iacr.org/2015/475}
}