Cryptology ePrint Archive: Report 2015/819
Improving the Big Mac Attack on Elliptic Curve Cryptography
Jean-Luc Danger and Sylvain Guilley and Philippe Hoogvorst and Cédric Murdica and David Naccache
Abstract: At CHES 2001, Walter introduced the Big Mac attack against an implementation of RSA. It is an horizontal collision attack, based on the detection of common operands in two multiplications. The attack is very powerful since one single power trace of an exponentiation permits to recover all bits of the secret exponent. Moreover, the attack works with unknown or blinded input. The technique was later studied and
improved by Clavier et alii and presented at INDOCRYPT 2012. At SAC 2013, Bauer et alii presented the first attack based on the Big Mac principle on implementations based on elliptic curves with simulation results.
In this work, we improve the attack presented by Bauer et alii to considerably increase the success rate. Instead of comparing only two multiplications, the targeted implementation
permits to compare many multiplications. We give experiment results with traces taken from a real target to prove the soundness of our attack. In fact, the experimental results show that the original Big Mac technique given by Walter was better
that the technique given by Clavier et alii. With our experiments on a real target, we show that the theoretical improvements are not necessarily the more suitable methods depending on the targeted implementations.
Category / Keywords: implementation / side channel attacks
Date: received 17 Aug 2015
Contact author: david naccache at ens fr
Available format(s): PDF | BibTeX Citation
Version: 20190305:124745 (All versions of this report)
Short URL: ia.cr/2015/819
[ Cryptology ePrint archive ]