This Article 
 Bibliographic References 
 Add to: 
Low-Cost Solutions for Preventing Simple Side-Channel Analysis: Side-Channel Atomicity
June 2004 (vol. 53 no. 6)
pp. 760-768

Abstract—This paper introduces simple methods to convert a cryptographic algorithm into an algorithm protected against simple side-channel attacks. Contrary to previously known solutions, the proposed techniques are not at the expense of the execution time. Moreover, they are generic and apply to virtually any algorithm. In particular, we present several novel exponentiation algorithms, namely, a protected square-and-multiply algorithm, its right-to-left counterpart, and several protected sliding-window algorithms. We also illustrate our methodology applied to point multiplication on elliptic curves. All these algorithms share the common feature that the complexity is globally unchanged compared to the corresponding unprotected implementations.

[1] O. Goldreich, Foundations of Cryptography Basic Tools. Cambridge Univ. Press, 2001.
[2] D. Boneh, R.A. DeMillo, and R.J. Lipton, On the Importance of Checking Cryptographic Protocols for Faults Proc. Conf. Advances in Cryptology EUROCRYPT '97, vol. 1233, pp. 37-51, 1997.
[3] P.C. Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems Proc. Conf. Advances in Cryptology CRYPTO '96, vol. 1109, pp. 104-113, 1996.
[4] P.C. Kocher, J. Jaffe, and B. Jun, Differential Power Analysis Proc. Conf. Advances in Cryptology CRYPTO '99, vol. 1666, pp. 388-397, 1999.
[5] B. Chevallier-Mames and M. Joye, ProcédéCryptographique ProtégéContre les Attaques de TypeàCanal Caché, Demande de Brevet Français, FR 28 38 210, Apr. 2002.
[6] J.-S. Coron, Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems Proc. Conf. Cryptographic Hardware and Embedded Systems (CHES '99), vol. 1717, pp. 292-302, 1999.
[7] R.L. Rivest, A. Shamir, and L.M. Adleman, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems Comm. ACM, vol. 21, no. 2, pp. 120-126, 1976.
[8] M. Joye, Recovering Lost Efficiency of Exponentiation Algorithms on Smart Cards Electronics Letters, vol. 38, no. 19, pp. 1095-1097, 2002.
[9] A.J. Menezes, P.C. van Oorschot, and S.A. Vanstone, Handbook of Applied Cryptography. CRC Press, 1997.
[10] L.-C.-K. Hui and K.-Y. Lam, Fast Square-and-Multiply Exponentiation for RSA Electronics Letters, vol. 30, no. 17, pp. 1396-1397, 1994.
[11] K.-Y. Lam and L.-C.-K. Hui, Efficiency of${SS}(l)$Square-and-Multiply Exponentiation Algorithms Electronics Letters, vol. 30, no. 25, pp. 2115-2116, 1994.
[12] I. Blake, G. Seroussi, and N.P. Smart, Elliptic Curves in Cryptography. Cambridge Univ. Press, 1999.
[13] IEEE Std 1363-2000, IEEE Standard Specifications for Public-Key Cryptography, IEEE Computer Soc., Aug. 2000.
[14] D.M. Gordon, A Survey of Fast Exponentiation Methods J. Algorithms, vol. 27, pp. 129-146, 1998.
[15] E. De Win, S. Mister, B. Preneel, and M. Wiener, On the Performance of Signature Schemes Based on Elliptic Curves Proc. Algorithmic Number Theory Symp., vol. 1423, pp. 252-266, 1998.
[16] M. Joye and C. Tymen, Protections against Differential Analysis for Elliptic Curve Cryptography: An Algebraic Approach Proc. Conf. Cryptographic Hardware and Embedded Systems (CHES 2001), vol. 2162, pp. 377-390, 2001.
[17] C.D. Walter, MIST: An Efficient Randomized Exponentiation Algorithm for Resisting Power Analysis Proc. Conf. Topics in Cryptology CT-RSA 2002, vol. 2271, pp. 53-66, 2002.

Index Terms:
Cryptographic algorithms, side-channel analysis, protected implementations, atomicity, exponentiation, elliptic curves.
Beno? Chevallier-Mames, Mathieu Ciet, Marc Joye, "Low-Cost Solutions for Preventing Simple Side-Channel Analysis: Side-Channel Atomicity," IEEE Transactions on Computers, vol. 53, no. 6, pp. 760-768, June 2004, doi:10.1109/TC.2004.13
Usage of this product signifies your acceptance of the Terms of Use.