Failure of the Point Blinding Countermeasure Against Fault Attack in Pairing-Based Cryptography
نویسندگان
چکیده
Pairings are mathematical tools that have been proven to be very useful in the construction of many cryptographic protocols. Some of these protocols are suitable for implementation on power constrained devices such as smart cards or smartphone which are subject to side channel attacks. In this paper, we analyse the efficiency of the point blinding countermeasure in pairing based cryptography against side channel attacks. In particular,we show that this countermeasure does not protect Miller’s algorithm for pairing computation against fault attack. We then give recommendation for a secure implementation of a pairing based protocol using the Miller algorithm.
منابع مشابه
Fault Attack and Countermeasures on Pairing Based Cryptography
Bilinear pairing is a new and increasingly popular way of constructing cryptographic protocols. This has resulted in the development of Identity Based Encryption (IBE) that is ideally used in identity aware devices. The security of such devices using pairing algorithms against side-channel and fault attack has not been studied extensively. This paper examines the security of existing countermea...
متن کاملFault Attack, Countermeasures on Pairing Based Cryptography
Bilinear pairing is a new and increasingly popular way of constructing cryptographic protocols. This has resulted in the development of Identity Based Encryption (IBE) that is ideally used in identity aware devices. The security of such devices using pairing algorithms against side-channel and fault attack has not been studied extensively. This paper examines the security of existing countermea...
متن کاملPublic Key Perturbation of Randomized RSA Implementations
Among all countermeasures that have been proposed to thwart side-channel attacks against RSA implementations, the exponent randomization method – also known as exponent blinding – has been very early suggested by P. Kocher in 1996, and formalized by J.-S. Coron at CHES 1999. Although it has been used for a long time, some authors pointed out the fact that it does not intrinsically remove all so...
متن کاملRandomized Addition-Subtraction Chains as a Countermeasure against Power Attacks
Power Analysis attacks on elliptic curve cryptosystems and various countermeasures against them, have been first discussed by Coron ([6]). All proposed countermeasures are based on the randomization or blinding of the inputparameters of the binary algorithm. We propose a countermeasure that randomizes the binary algorithm itself. Our algorithm needs approximately 9% more additions than the ordi...
متن کاملAn Improved and Efficient Countermeasure against Power Analysis Attacks
Recently new types of differential power analysis attacks (DPA) against elliptic curve cryptosystems (ECC) and RSA systems have been introduced. Most existing countermeasures against classical DPA attacks are vulnerable to these new DPA attacks which include refined power analysis attacks (RPA), zero-value point attacks (ZPA), and doubling attacks. The new attacks are different from classical D...
متن کامل