Side Channel Analysis of Practical Pairing Implementations: Which Path Is More Secure?
نویسندگان
چکیده
We present an investigation into the security of three practical pairing algorithms; the Tate, Eta and Ate pairing, in terms of side channel vulnerability. These three algorithms have recently shown to be efficiently computable on the resource constrained smart card, yet no in depth side channel analysis has yet appeared in the literature. Since the secret parameter input to the pairing can potentially be entered in either of the two possible positions, there exist two avenues of attack, i.e. e(P, Q) or e(Q, P ) where P is public and Q is private. We analyse the core operations fundamental to pairings and not only highlight how each implementation may potentially succumb to a side channel attack, but also show how one path is more susceptible than the other in Tate and Ate. For those who wish to deploy pairing based systems we make a simple suggestion to improve resistance to SCA.
منابع مشابه
Side Channel Attacks and Countermeasures on Pairing Based Cryptosystems over Binary Fields
Pairings on elliptic curves have been used as cryptographic primitives for the development of new applications such as identity based schemes. For the practical applications, it is crucial to provide efficient and secure implementations of the pairings. There have been several works on efficient implementations of the pairings. However, the research for secure implementations of the pairings ha...
متن کاملRevisiting Definitional Foundations of Oblivious RAM for Secure Processor Implementations
Oblivious RAM (ORAM) is a renowned technique to hide the access paerns of an application to an untrusted memory. According to the standard ORAM denition presented by Goldreich and Ostrovsky, in order for two ORAM access sequences to be computationally indistinguishable, the lengths of these sequences must be identically distributed. An artifact of this denition is that it does not apply to m...
متن کاملPower Side Channels in Security ICs: Hardware Countermeasures
Power side-channel attacks are a very effective cryptanalysis technique that can infer secret keys of security ICs by monitoring a chip’s power consumption. Since the emergence of practical attacks in the late 90s, they have been a major threat to many cryptographic-equipped devices including smart cards, encrypted FPGA designs, and mobile phones. Designers and manufacturers of cryptographic de...
متن کاملThreshold Implementation as a Countermeasure against Power Analysis Attacks
One of the usual ways to find sensitive data or secret parameters of cryptographic devices is to use their physical leakages. Power analysis is one of the attacks which lay in such a model. In comparison with other types of side-channels, power analysis is so efficient and has a high success rate. So it is important to provide a countermeasure against it. Different types of countermeasures use ...
متن کاملAn Efficient Method for Random Delay Generation in Embedded Software
Random delays are a countermeasure against a range of side channel and fault attacks that is often implemented in embedded software. We propose a new method for generation of random delays and a criterion for measuring the efficiency of a random delay countermeasure. We implement this new method along with the existing ones on an 8-bit platform and mount practical side-channel attacks against t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2006 شماره
صفحات -
تاریخ انتشار 2006