Paper 2021/1580

High Order Side-Channel Security for Elliptic-Curve Implementations

Sonia Belaïd, CryptoExperts (France)
Matthieu Rivain, CryptoExperts (France)
Abstract

Elliptic-curve implementations protected with state-of-the-art countermeasures against side-channel attacks might still be vulnerable to advanced attacks that recover secret information from a single leakage trace. The effectiveness of these attacks is boosted by the emergence of deep learning techniques for side-channel analysis which relax the control or knowledge an adversary must have on the target implementation. In this paper, we provide generic countermeasures to withstand these attacks for a wide range of regular elliptic-curve implementations. We first introduce a framework to formally model a regular algebraic program which consists of a sequence of algebraic operations indexed by key-dependent values. We then introduce a generic countermeasure to protect these types of programs against advanced single-trace side-channel attacks. Our scheme achieves provable security in the noisy leakage model under a formal assumption on the leakage of randomized variables. To demonstrate the applicability of our solution, we provide concrete examples on several widely deployed scalar multiplication algorithms and report some benchmarks for a protected implementation on a smart card.

Metadata
Available format(s)
PDF
Category
Implementation
Publication info
Published by the IACR in TCHES 2023
Keywords
Side-channel countermeasures elliptic-curve cryptography masking noisy leakage model collision attacks
Contact author(s)
sonia belaid @ cryptoexperts com
matthieu rivain @ cryptoexperts com
History
2022-10-14: revised
2021-12-03: received
See all versions
Short URL
https://ia.cr/2021/1580
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1580,
      author = {Sonia Belaïd and Matthieu Rivain},
      title = {High Order Side-Channel Security for Elliptic-Curve Implementations},
      howpublished = {Cryptology {ePrint} Archive, Paper 2021/1580},
      year = {2021},
      url = {https://eprint.iacr.org/2021/1580}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.