METHOD SECURED AGAINST SIDE-CHANNEL ATTACKS PERFORMING A

Main authors: VIGILANT, David, PERION, Fabrice, ROUSSELLET, Mylène
Format: Patent
Language: eng ; fre
Summary: The present invention relates to a method secured against side-channel attacks performing a cryptographic operation of a cryptographic algorithm, said cryptographic operation comprising at least one polynomial operation on at least one input polynomial A[X] in a first polynomial ring Rq = Fq[X]/(X^n+1), with n an integer and q a first integer being a prime number, wherein said method is performed by a cryptographic device and comprises:
- selecting a multiplier integer t and determining a second integer q' by multiplying said first integer q by said selected multiplier integer t (S1),
- for each input polynomial A[X] with coefficients Ai in Fq with i in [0,...,n-1],
  o determining (S2) an invertible random polynomial R[X] in said first polynomial ring Rq,
  o randomizing (S3) the coefficients Ai of said input polynomial A[X] based on said determined second integer q' and said determined random polynomial R[X] by:
    - transforming the input polynomial A[X] into a lifted input polynomial A'[X] with coefficients Ai' such that Ai' = Ai + q mod q', with i in [0,...,n-1], the lifted input polynomial A'[X] being a polynomial in a second polynomial ring Rq' = Fq'[X]/(X^n+1),
    - randomizing the lifted input polynomial A'[X] by multiplying it by the random polynomial R[X] modulo said second integer q' to obtain a randomized input polynomial A''[X] in said second polynomial ring Rq',
- performing (S4) the at least one polynomial operation of the cryptographic operation on said randomized input polynomials A''[X] instead of said input polynomials A[X] to obtain a result polynomial Res''[X] with coefficients Resi in Fq',
- unmasking (S5) the result polynomial Res''[X] by applying to its coefficients a modulo said first integer q operation and/or by multiplying it by inverses of said random polynomials R[X] determined for the input polynomials to provide a result of the cryptographic operation.