Exponent Recoding and Regular Exponentiation Algorithms
نویسندگان
چکیده
This paper describes methods of recoding exponents to allow for regular implementations of m-ary exponentiation algorithms. Recoding algorithms previously proposed in the literature do not lend themselves to being implemented in a regular manner, which is required if the implementation needs to resist side-channel attacks based on simple power analysis. The advantage of the algorithms proposed in this paper over previous work is that the recoding can be readily implemented in a regular manner. Recoding algorithms are proposed for exponentiation algorithms that use both signed and unsigned exponent digits.
منابع مشابه
On the Vulnerability of Exponent Recodings for the Exponentiation against Side Channel Attacks
In this paper we propose a new side channel attack, where exponent recodings for public key cryptosystems such as RSA and ECDSA are considered. The known side channel attacks and countermeasures for public key cryptosystems were against the main stage (square and multiply stage) of the modular exponentiation (or the point multiplication on an elliptic curve). We have many algorithms which achie...
متن کاملA New Attack with Side Channel Leakage During Exponent Recoding Computations
In this paper we propose a new side channel attack, where exponent recodings for public key cryptosystems such as RSA and ECDSA are considered. The known side channel attacks and countermeasures for public key cryptosystems were against the main stage (square and multiply stage) of the modular exponentiation (or the point multiplication on an elliptic curve). We have many algorithms which achie...
متن کاملImprovement on Ha-Moon Randomized Exponentiation Algorithm
Randomized recoding on the exponent of an exponentiation computation into a signed-digit representation has been a well known countermeasure against some side-channel attacks. However, this category of countermeasures can only be applicable to those cryptosystems with fixed parameters on the base integer when evaluating exponentiation or to some classes of cryptosystems such that the inversion ...
متن کاملAlgorithms for Multi-exponentiation
This paper compares different approaches for computing power products ∏ 1≤i≤k g ei i in commutative groups. We look at the conventional simultaneous exponentiation approach and present an alternative strategy, interleaving exponentiation. Our comparison shows that in general groups, sometimes the conventional method and sometimes interleaving exponentiation is more efficient. In groups where in...
متن کاملFast Modular Exponentiation
The well-known binary method computes C = M (mod N) using an average number of 1:5(n 1) multiplications, where n is the number of bits in the binary expansion of E. When the exponent is recoded using the canonical bit recoding technique then the average number of multiplications can be reduced to 1:33(n 1). We show that a further reduction is achieved if the bits of the exponent are scanned at ...
متن کامل