Paper 2015/794

Safe-Errors on SPA Protected implementations with the Atomicity Technique

Pierre-Alain Fouque, Sylvain Guilley, Cédric Murdica, and David Naccache

Abstract

ECDSA is one of the most important public-key signature scheme, however it is vulnerable to lattice attack once a few bits of the nonces are leaked. To protect Elliptic Curve Cryptography (ECC) against Simple Power Analysis, many countermeasures have been proposed. Doubling and Additions of points on the given elliptic curve require several additions and multiplications in the base field and this number is not the same for the two operations. The idea of the atomicity protection is to use a fixed pattern, i.e. a small number of instructions and rewrite the two basic operations of ECC using this pattern. Dummy operations are introduced so that the different elliptic curve operations might be written with the same atomic pattern. In an adversary point of view, the attacker only sees a succession of patterns and is no longer able to distinguish which one corresponds to addition and doubling. Chevallier-Mames, Ciet and Joye were the first to introduce such countermeasure. In this paper, we are interested in studying this countermeasure and we show a new vulnerability since the ECDSA implementation succumbs now to C Safe-Error attacks. Then, we propose an effective solution to prevent against C Safe-Error attacks when using the Side-Channel Atomicity. The dummy operations are used in such a way that if a fault is introduced on one of them, it can be detected. Finally, our countermeasure method is generic, meaning that it can be adapted to all formulae. We apply our methods to different formulae presented for side-channel Atomicity.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Preprint. MINOR revision.
Keywords
Elliptic Curve CryptographySide-Channel AtomicityFault AttacksInfective CountermeasureLattice Attack
Contact author(s)
david naccache @ ens fr
History
2015-08-10: received
Short URL
https://ia.cr/2015/794
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/794,
      author = {Pierre-Alain Fouque and Sylvain Guilley and Cédric Murdica and David Naccache},
      title = {Safe-Errors on SPA Protected implementations with the Atomicity Technique},
      howpublished = {Cryptology ePrint Archive, Paper 2015/794},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/794}},
      url = {https://eprint.iacr.org/2015/794}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.