Paper 2021/1580
High Order Side-Channel Security for Elliptic-Curve Implementations
Abstract
Elliptic-curve implementations protected with state-of-the-art countermeasures against side-channel attacks might still be vulnerable to advanced attacks that recover secret information from a single leakage trace. The effectiveness of these attacks is boosted by the emergence of deep learning techniques for side-channel analysis which relax the control or knowledge an adversary must have on the target implementation. In this paper, we provide generic countermeasures to withstand these attacks for a wide range of regular elliptic-curve implementations. We first introduce a framework to formally model a regular algebraic program which consists of a sequence of algebraic operations indexed by key-dependent values. We then introduce a generic countermeasure to protect these types of programs against advanced single-trace side-channel attacks. Our scheme achieves provable security in the noisy leakage model under a formal assumption on the leakage of randomized variables. To demonstrate the applicability of our solution, we provide concrete examples on several widely deployed scalar multiplication algorithms and report some benchmarks for a protected implementation on a smart card.
Metadata
- Available format(s)
- Category
- Implementation
- Publication info
- Published by the IACR in TCHES 2023
- Keywords
- Side-channel countermeasures elliptic-curve cryptography masking noisy leakage model collision attacks
- Contact author(s)
-
sonia belaid @ cryptoexperts com
matthieu rivain @ cryptoexperts com - History
- 2022-10-14: revised
- 2021-12-03: received
- See all versions
- Short URL
- https://ia.cr/2021/1580
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/1580, author = {Sonia Belaïd and Matthieu Rivain}, title = {High Order Side-Channel Security for Elliptic-Curve Implementations}, howpublished = {Cryptology {ePrint} Archive, Paper 2021/1580}, year = {2021}, url = {https://eprint.iacr.org/2021/1580} }