| Presentation | 2002/11/8 A Multiple Power Analysis Attack Breaks the Advanced Version of the Randomized Addition-Subtraction Chains Method at CHES 2001 Katsuyuki OKEYA, Kouichi SAKURAI, |
|---|---|
| PDF Download Page | PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | We show that the advanced version of a randomized addition-subtraction chains countermeasure against side channel attacks is vulnerable to a multiple power analysis attack, a new kind of side channel attack. A side channel attack is an attack that takes advantage of information leaked during execution of a cryptographic procedure. The randomized addition-subtraction chains countermeasure has been proposed by Oswald-Aigner, and is a random decision inserted into computations. The countermeasure has two versions; the basic version and the advanced version. The basic version has been proved to be vulnerable to a side channel attack. This is due to a shrink of states for randomization if a bit of the secret scalar is zero. However, the advanced version does not have such a. shrink. Thus, the advanced version's immunity to side channel attacks is still controversial. The multiple power analysis uses plural AD sequences, which are sequences of additions and doublings, and obtained by the distinguishability and measurements. The multiple power analysis relates the AD sequences each other, and deduces the secret scalar. A point of the multiple power analysis against, the advanced version is that two different states are combined, and regarded as the same state. This provides a shrink of states if a bit of the secret scalar is zero. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Elliptic Curve Cryptosystems / Side Channel Attacks / Randomized Addition-Subtraction Chains Conutermeasure / Advanced Version / Simple Power Analysis / Multiple Power Analysis |
| Paper # | ISEC2002-93 |
| Date of Issue |
| Conference Information | |
| Committee | ISEC |
|---|---|
| Conference Date | 2002/11/8(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Security (ISEC) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | A Multiple Power Analysis Attack Breaks the Advanced Version of the Randomized Addition-Subtraction Chains Method at CHES 2001 |
| Sub Title (in English) | |
| Keyword(1) | Elliptic Curve Cryptosystems |
| Keyword(2) | Side Channel Attacks |
| Keyword(3) | Randomized Addition-Subtraction Chains Conutermeasure |
| Keyword(4) | Advanced Version |
| Keyword(5) | Simple Power Analysis |
| Keyword(6) | Multiple Power Analysis |
| 1st Author's Name | Katsuyuki OKEYA |
| 1st Author's Affiliation | Hitachi, Ltd., Systems Development Laboratory() |
| 2nd Author's Name | Kouichi SAKURAI |
| 2nd Author's Affiliation | Graduate School of Information Science and Electrical Engineering, Kyushu University |
| Date | 2002/11/8 |
| Paper # | ISEC2002-93 |
| Volume (vol) | vol.102 |
| Number (no) | 437 |
| Page | pp.pp.- |
| #Pages | 8 |
| Date of Issue | |