Paper 2015/882
Using Modular Extension to Provably Protect Edwards Curves Against Fault Attacks
Margaux Dugardin, Sylvain Guilley, Martin Moreau, Zakaria Najm, and Pablo Rauzy
Abstract
Fault injection attacks are a real-world threat to cryptosystems, in particular asymmetric cryptography. In this paper, we focus on countermeasures which guarantee the integrity of the computation result, hence covering most existing and future fault attacks. Namely, we study the modular extension protection scheme in previously existing and newly contributed variants of the countermeasure on elliptic curve scalar multiplication (ECSM) algorithms. We find that an existing countermeasure is incorrect and we propose new “test-free” variant of the modular extension scheme that fixes it. We then formally prove the correctness and security of modular extension: specifically, the fault non-detection probability is inversely proportional to the security parameter. Finally, we implement an ECSM protected with test-free modular extension during the elliptic curve operation to evaluate the efficient of this method on Edwards and twisted Edwards curves.
Note: This version corresponds to the definitive submission for the proceedings of the PROOFS 2016 workshop.
Metadata
- Available format(s)
-
PDF
- Category
- Implementation
- Publication info
- Preprint. MINOR revision.
- Keywords
- fault injection attackcountermeasureasymmetric cryptographyelliptic curve cryptographyedwards curvemodular extension
- Contact author(s)
- pr @ ai univ-paris8 fr
- History
- 2016-08-14: last of 3 revisions
- 2015-09-13: received
- See all versions
- Short URL
- https://ia.cr/2015/882
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2015/882,
author = {Margaux Dugardin and Sylvain Guilley and Martin Moreau and Zakaria Najm and Pablo Rauzy},
title = {Using Modular Extension to Provably Protect Edwards Curves Against Fault Attacks},
howpublished = {Cryptology {ePrint} Archive, Paper 2015/882},
year = {2015},
url = {https://eprint.iacr.org/2015/882}
}
