EC P-256: Successful Simple Power Analysis
In this work we discuss the resistance of atomic pattern algorithms for elliptic curve point multiplication against simple side channel analysis attacks using our own implementation as an example. The idea of the atomicity principle is to make kP implementations resistant against simple side channel...
Gespeichert in:
| Veröffentlicht in: | arXiv.org 2021-08 |
|---|---|
| Hauptverfasser: | , , , |
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | arXiv.org |
| container_volume | |
| creator | Kabin, Ievgen Dyka, Zoya Klann, Dan Langendoerfer, Peter |
| description | In this work we discuss the resistance of atomic pattern algorithms for elliptic curve point multiplication against simple side channel analysis attacks using our own implementation as an example. The idea of the atomicity principle is to make kP implementations resistant against simple side channel analysis attacks. One of the assumptions, on which the atomicity principle is based, is the indistinguishability of register operations, i.e. two write-to-register operations cannot be distinguished if their old and new data values are the same. But before the data can be stored to a register/block, this register/block has to be addressed for storing the data. Different registers/blocks have different addresses. In praxis, this different and key dependent addressing can be used to reveal the key, even by running simple SCA attacks. The key dependent addressing of registers/blocks allows to reveal the key and is an inherent feature of the binary kP algorithms. This means that the assumption, that addressing of different registers/blocks is an indistinguishable operation, may no longer be applied when realizing kP implementations, at least not for hardware implementations. |
| format | Article |
| fullrecord | <record><control><sourceid>proquest</sourceid><recordid>TN_cdi_proquest_journals_2544701517</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2544701517</sourcerecordid><originalsourceid>FETCH-proquest_journals_25447015173</originalsourceid><addsrcrecordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mTQcnVWCNA1MjWzUgguTU5OLS5OK81RCM7MLchJVQjIL08tUnDMS8ypLM4s5mFgTUvMKU7lhdLcDMpuriHOHroFRfmFpanFJfFZ-aVFQMXF8UamJibmBoamhubGxKkCAE6EL04</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2544701517</pqid></control><display><type>article</type><title>EC P-256: Successful Simple Power Analysis</title><source>Open Access Journals</source><creator>Kabin, Ievgen ; Dyka, Zoya ; Klann, Dan ; Langendoerfer, Peter</creator><creatorcontrib>Kabin, Ievgen ; Dyka, Zoya ; Klann, Dan ; Langendoerfer, Peter</creatorcontrib><description>In this work we discuss the resistance of atomic pattern algorithms for elliptic curve point multiplication against simple side channel analysis attacks using our own implementation as an example. The idea of the atomicity principle is to make kP implementations resistant against simple side channel analysis attacks. One of the assumptions, on which the atomicity principle is based, is the indistinguishability of register operations, i.e. two write-to-register operations cannot be distinguished if their old and new data values are the same. But before the data can be stored to a register/block, this register/block has to be addressed for storing the data. Different registers/blocks have different addresses. In praxis, this different and key dependent addressing can be used to reveal the key, even by running simple SCA attacks. The key dependent addressing of registers/blocks allows to reveal the key and is an inherent feature of the binary kP algorithms. This means that the assumption, that addressing of different registers/blocks is an indistinguishable operation, may no longer be applied when realizing kP implementations, at least not for hardware implementations.</description><identifier>EISSN: 2331-8422</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Algorithms ; Curves ; Multiplication ; Registers</subject><ispartof>arXiv.org, 2021-08</ispartof><rights>2021. This work is published under http://creativecommons.org/licenses/by-nc-nd/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>776,780</link.rule.ids></links><search><creatorcontrib>Kabin, Ievgen</creatorcontrib><creatorcontrib>Dyka, Zoya</creatorcontrib><creatorcontrib>Klann, Dan</creatorcontrib><creatorcontrib>Langendoerfer, Peter</creatorcontrib><title>EC P-256: Successful Simple Power Analysis</title><title>arXiv.org</title><description>In this work we discuss the resistance of atomic pattern algorithms for elliptic curve point multiplication against simple side channel analysis attacks using our own implementation as an example. The idea of the atomicity principle is to make kP implementations resistant against simple side channel analysis attacks. One of the assumptions, on which the atomicity principle is based, is the indistinguishability of register operations, i.e. two write-to-register operations cannot be distinguished if their old and new data values are the same. But before the data can be stored to a register/block, this register/block has to be addressed for storing the data. Different registers/blocks have different addresses. In praxis, this different and key dependent addressing can be used to reveal the key, even by running simple SCA attacks. The key dependent addressing of registers/blocks allows to reveal the key and is an inherent feature of the binary kP algorithms. This means that the assumption, that addressing of different registers/blocks is an indistinguishable operation, may no longer be applied when realizing kP implementations, at least not for hardware implementations.</description><subject>Algorithms</subject><subject>Curves</subject><subject>Multiplication</subject><subject>Registers</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><recordid>eNpjYuA0MjY21LUwMTLiYOAtLs4yMDAwMjM3MjU15mTQcnVWCNA1MjWzUgguTU5OLS5OK81RCM7MLchJVQjIL08tUnDMS8ypLM4s5mFgTUvMKU7lhdLcDMpuriHOHroFRfmFpanFJfFZ-aVFQMXF8UamJibmBoamhubGxKkCAE6EL04</recordid><startdate>20210809</startdate><enddate>20210809</enddate><creator>Kabin, Ievgen</creator><creator>Dyka, Zoya</creator><creator>Klann, Dan</creator><creator>Langendoerfer, Peter</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope></search><sort><creationdate>20210809</creationdate><title>EC P-256: Successful Simple Power Analysis</title><author>Kabin, Ievgen ; Dyka, Zoya ; Klann, Dan ; Langendoerfer, Peter</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-proquest_journals_25447015173</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Algorithms</topic><topic>Curves</topic><topic>Multiplication</topic><topic>Registers</topic><toplevel>online_resources</toplevel><creatorcontrib>Kabin, Ievgen</creatorcontrib><creatorcontrib>Dyka, Zoya</creatorcontrib><creatorcontrib>Klann, Dan</creatorcontrib><creatorcontrib>Langendoerfer, Peter</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science & Engineering Collection</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Databases</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>ProQuest Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering collection</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kabin, Ievgen</au><au>Dyka, Zoya</au><au>Klann, Dan</au><au>Langendoerfer, Peter</au><format>book</format><genre>document</genre><ristype>GEN</ristype><atitle>EC P-256: Successful Simple Power Analysis</atitle><jtitle>arXiv.org</jtitle><date>2021-08-09</date><risdate>2021</risdate><eissn>2331-8422</eissn><abstract>In this work we discuss the resistance of atomic pattern algorithms for elliptic curve point multiplication against simple side channel analysis attacks using our own implementation as an example. The idea of the atomicity principle is to make kP implementations resistant against simple side channel analysis attacks. One of the assumptions, on which the atomicity principle is based, is the indistinguishability of register operations, i.e. two write-to-register operations cannot be distinguished if their old and new data values are the same. But before the data can be stored to a register/block, this register/block has to be addressed for storing the data. Different registers/blocks have different addresses. In praxis, this different and key dependent addressing can be used to reveal the key, even by running simple SCA attacks. The key dependent addressing of registers/blocks allows to reveal the key and is an inherent feature of the binary kP algorithms. This means that the assumption, that addressing of different registers/blocks is an indistinguishable operation, may no longer be applied when realizing kP implementations, at least not for hardware implementations.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext |
| identifier | EISSN: 2331-8422 |
| ispartof | arXiv.org, 2021-08 |
| issn | 2331-8422 |
| language | eng |
| recordid | cdi_proquest_journals_2544701517 |
| source | Open Access Journals |
| subjects | Algorithms Curves Multiplication Registers |
| title | EC P-256: Successful Simple Power Analysis |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-24T20%3A09%3A11IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=document&rft.atitle=EC%20P-256:%20Successful%20Simple%20Power%20Analysis&rft.jtitle=arXiv.org&rft.au=Kabin,%20Ievgen&rft.date=2021-08-09&rft.eissn=2331-8422&rft_id=info:doi/&rft_dat=%3Cproquest%3E2544701517%3C/proquest%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2544701517&rft_id=info:pmid/&rfr_iscdi=true |