Adaptive Error Recovery for Transient Faults in Elliptic Curve Scalar Multiplication

The use of fixed-block error recovery, which combines frequent validation and partial recomputation, to address the problem of transient faults in elliptic curve scalar multiplication was proposed earlier and its advantages in terms of efficiency and reliability were illustrated. However, in order to maximize its advantages, the selection of the block size has to be optimized, which requires knowledge of the statistical properties of errors. It was shown that this can be partially alleviated by selecting smaller block sizes. We introduce an alternative approach that aims to reduce the dependency on prior knowledge. Instead of using a fixed block size, we propose the use of an adaptive block size that varies depending on whether or not an error is detected. The performance of this approach is studied using an analytical model and simulation under constant and variable error rates and the results show that it can approach, and in some cases exceed, the performance of the fixed-block error recovery approach while not requiring prior knowledge of the statistical properties of errors.