Some Security Aspects of the M IST Randomized Exponentiation Algorithm
نویسنده
چکیده
The Mist exponentiation algorithm is intended for use in embedded crypto-systems to provide protection against power analysis and other side channel attacks. It generates randomly different addition chains for performing a particular exponentiation. This means that side channel attacks on RSA decryption or signing which require averaging over a number of exponentiation power traces become impossible. However, averaging over digit-by-digit multiplication traces may allow the detection of operand re-use. Although this provides a handle for an attacker by which the exponent search space might be considerably reduced, the number of possible exponents is shown to be still well outside the range of feasible computation in the foreseeable future.
منابع مشابه
Efficient elliptic curve cryptosystems
Elliptic curve cryptosystems (ECC) are new generations of public key cryptosystems that have a smaller key size for the same level of security. The exponentiation on elliptic curve is the most important operation in ECC, so when the ECC is put into practice, the major problem is how to enhance the speed of the exponentiation. It is thus of great interest to develop algorithms for exponentiation...
متن کاملSelf-Randomized Exponentiation Algorithms
Exponentiation is a central process in many public-key cryptosystems such as RSA and DH. This paper introduces the concept of self-randomized exponentiation as an efficient means for preventing DPAtype attacks. Self-randomized exponentiation features several interesting properties: – it is fully generic in the sense that it is not restricted to a particular exponentiation algorithm; – it is par...
متن کاملImprovement on Ha-Moon Randomized Exponentiation Algorithm
Randomized recoding on the exponent of an exponentiation computation into a signed-digit representation has been a well known countermeasure against some side-channel attacks. However, this category of countermeasures can only be applicable to those cryptosystems with fixed parameters on the base integer when evaluating exponentiation or to some classes of cryptosystems such that the inversion ...
متن کاملComputer security in the future
Until recently, computer security was an obscure discipline that seemed to have little relevance to everyday life. With the rapid growth of the Internet, e-commerce, and the widespread use of computers, computer security touches almost all aspects of daily life and all parts of society. Even those who do not use computers have information about them stored on computers. This paper reviews some ...
متن کاملUniversal Exponentiation Algorithm – A First Step Towards Provable SPA - resistance –
Very few countermeasures are known to protect an exponentiation against simple side-channel analyses. Moreover, all of them are heuristic. This paper presents a universal exponentiation algorithm. By tying the exponent to a corresponding addition chain, our algorithm can virtually execute any exponentiation method. Our aim is to transfer the security of the exponentiation method being implement...
متن کامل