Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations

Kimmo Järvinen; Josep Balasch

doi:10.1007/978-3-319-54669-8_9

Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations

Kimmo Järvinen
, Josep Balasch

Not published at Aalto University

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

Abstract

Single-trace side-channel attacks are a serious threat to elliptic curve cryptography in practice because they can break also cryptosystems where scalars are nonces (e.g., ECDSA). Previously it was believed that single-trace attacks can be avoided by using scalar multiplication algorithms with regular patterns of operations but recently we have learned that they can be broken with correlation tests to decide whether different operations share common operands. In this work, we extend these attacks to scalar multiplication algorithms with precomputations. We show that many algorithms are vulnerable to our attack which correlates measurements with precomputed values. We also show that successful attacks are possible even without knowledge of precomputed values by using clustering instead of correlations. We provide extensive evidence for the feasibility of the attacks with simulations and experiments with an 8-bit AVR. Finally, we discuss the effectiveness of certain countermeasures against our attacks.

Original language	English
Title of host publication	Smart Card Research and Advanced Applications
Subtitle of host publication	15th International Conference, CARDIS 2016 Cannes, France, November 7–9, 2016, Revised Selected Papers
Editors	Kerstin Lemke-Rust, Michael Tunstall
Publisher	Springer
Pages	137-155
ISBN (Electronic)	978-3-319-54669-8
ISBN (Print)	978-3-319-54668-1
DOIs	https://doi.org/10.1007/978-3-319-54669-8_9
Publication status	Published - 2017
MoE publication type	A4 Conference publication
Event	Smart Card Research and Advanced Application Conference - Cannes, France Duration: 7 Nov 2016 → 9 Nov 2016

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	10146
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	Smart Card Research and Advanced Application Conference
Abbreviated title	CARDIS
Country/Territory	France
City	Cannes
Period	07/11/2016 → 09/11/2016

Access to Document

10.1007/978-3-319-54669-8_9

Cite this

Järvinen, K., & Balasch, J. (2017). Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations. In K. Lemke-Rust, & M. Tunstall (Eds.), Smart Card Research and Advanced Applications: 15th International Conference, CARDIS 2016 Cannes, France, November 7–9, 2016, Revised Selected Papers (pp. 137-155). (Lecture Notes in Computer Science; Vol. 10146). Springer. https://doi.org/10.1007/978-3-319-54669-8_9

Järvinen, Kimmo ; Balasch, Josep. / Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations. Smart Card Research and Advanced Applications: 15th International Conference, CARDIS 2016 Cannes, France, November 7–9, 2016, Revised Selected Papers. editor / Kerstin Lemke-Rust ; Michael Tunstall. Springer, 2017. pp. 137-155 (Lecture Notes in Computer Science).

@inproceedings{84549e302e1e43328df23176fea337c4,

title = "Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations",

abstract = "Single-trace side-channel attacks are a serious threat to elliptic curve cryptography in practice because they can break also cryptosystems where scalars are nonces (e.g., ECDSA). Previously it was believed that single-trace attacks can be avoided by using scalar multiplication algorithms with regular patterns of operations but recently we have learned that they can be broken with correlation tests to decide whether different operations share common operands. In this work, we extend these attacks to scalar multiplication algorithms with precomputations. We show that many algorithms are vulnerable to our attack which correlates measurements with precomputed values. We also show that successful attacks are possible even without knowledge of precomputed values by using clustering instead of correlations. We provide extensive evidence for the feasibility of the attacks with simulations and experiments with an 8-bit AVR. Finally, we discuss the effectiveness of certain countermeasures against our attacks.",

author = "Kimmo J{\"a}rvinen and Josep Balasch",

year = "2017",

doi = "10.1007/978-3-319-54669-8\_9",

language = "English",

isbn = "978-3-319-54668-1",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "137--155",

editor = "Kerstin Lemke-Rust and Michael Tunstall",

booktitle = "Smart Card Research and Advanced Applications",

address = "Germany",

note = "Smart Card Research and Advanced Application Conference<br/>, CARDIS ; Conference date: 07-11-2016 Through 09-11-2016",

}

Järvinen, K & Balasch, J 2017, Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations. in K Lemke-Rust & M Tunstall (eds), Smart Card Research and Advanced Applications: 15th International Conference, CARDIS 2016 Cannes, France, November 7–9, 2016, Revised Selected Papers. Lecture Notes in Computer Science, vol. 10146, Springer, pp. 137-155, Smart Card Research and Advanced Application Conference
, Cannes, France, 07/11/2016. https://doi.org/10.1007/978-3-319-54669-8_9

Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations. / Järvinen, Kimmo; Balasch, Josep.
Smart Card Research and Advanced Applications: 15th International Conference, CARDIS 2016 Cannes, France, November 7–9, 2016, Revised Selected Papers. ed. / Kerstin Lemke-Rust; Michael Tunstall. Springer, 2017. p. 137-155 (Lecture Notes in Computer Science; Vol. 10146).

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations

AU - Järvinen, Kimmo

AU - Balasch, Josep

PY - 2017

Y1 - 2017

N2 - Single-trace side-channel attacks are a serious threat to elliptic curve cryptography in practice because they can break also cryptosystems where scalars are nonces (e.g., ECDSA). Previously it was believed that single-trace attacks can be avoided by using scalar multiplication algorithms with regular patterns of operations but recently we have learned that they can be broken with correlation tests to decide whether different operations share common operands. In this work, we extend these attacks to scalar multiplication algorithms with precomputations. We show that many algorithms are vulnerable to our attack which correlates measurements with precomputed values. We also show that successful attacks are possible even without knowledge of precomputed values by using clustering instead of correlations. We provide extensive evidence for the feasibility of the attacks with simulations and experiments with an 8-bit AVR. Finally, we discuss the effectiveness of certain countermeasures against our attacks.

AB - Single-trace side-channel attacks are a serious threat to elliptic curve cryptography in practice because they can break also cryptosystems where scalars are nonces (e.g., ECDSA). Previously it was believed that single-trace attacks can be avoided by using scalar multiplication algorithms with regular patterns of operations but recently we have learned that they can be broken with correlation tests to decide whether different operations share common operands. In this work, we extend these attacks to scalar multiplication algorithms with precomputations. We show that many algorithms are vulnerable to our attack which correlates measurements with precomputed values. We also show that successful attacks are possible even without knowledge of precomputed values by using clustering instead of correlations. We provide extensive evidence for the feasibility of the attacks with simulations and experiments with an 8-bit AVR. Finally, we discuss the effectiveness of certain countermeasures against our attacks.

U2 - 10.1007/978-3-319-54669-8_9

DO - 10.1007/978-3-319-54669-8_9

M3 - Conference article in proceedings

SN - 978-3-319-54668-1

T3 - Lecture Notes in Computer Science

SP - 137

EP - 155

BT - Smart Card Research and Advanced Applications

A2 - Lemke-Rust, Kerstin

A2 - Tunstall, Michael

PB - Springer

T2 - Smart Card Research and Advanced Application Conference<br/>

Y2 - 7 November 2016 through 9 November 2016

ER -

Järvinen K, Balasch J. Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations. In Lemke-Rust K, Tunstall M, editors, Smart Card Research and Advanced Applications: 15th International Conference, CARDIS 2016 Cannes, France, November 7–9, 2016, Revised Selected Papers. Springer. 2017. p. 137-155. (Lecture Notes in Computer Science). doi: 10.1007/978-3-319-54669-8_9

Single-Trace Side-Channel Attacks on Scalar Multiplications with Precomputations

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this