CSDL Home IEEE Transactions on Dependable and Secure Computing 2009 vol.6 Issue No.03 - July-September
Issue No.03 - July-September (2009 vol.6)
Agustín Domínguez-Oviedo , University of Waterloo, Waterloo
M. Anwar Hasan , University of Waterloo, Waterloo
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.21
For some applications, elliptic curve cryptography (ECC) is an attractive choice because it achieves the same level of security with a much smaller key size in comparison with other schemes such as those that are based on integer factorization or discrete logarithm. For security reasons, especially to provide resistance against fault-based attacks, it is very important to verify the correctness of computations in ECC applications. In this paper, error-detecting and fault-tolerant elliptic curve cryptosystems are considered. Error detection may be a sufficient countermeasure for many security applications; however, fault-tolerant characteristic enables a system to perform its normal operation in spite of faults. For the purpose of detecting errors due to faults, a number of schemes and hardware structures are presented based on recomputation or parallel computation. It is shown that these structures can be used for detecting errors with a very high probability during the computation of the elliptic curve scalar multiplication (ECSM). Additionally, we show that using parallel computation along with either PV or recomputation, it is possible to have fault-tolerant structures for the ECSM. If certain conditions are met, these schemes are more efficient than others such as the well-known triple modular redundancy. Prototypes of the proposed structures for error detection and fault tolerance have been implemented, and experimental results have been presented.
Elliptic curve cryptography, scalar multiplication, fault-based attacks, error detection, fault tolerance.
Agustín Domínguez-Oviedo, M. Anwar Hasan, "Error Detection and Fault Tolerance in ECSM Using Input Randomization", IEEE Transactions on Dependable and Secure Computing, vol.6, no. 3, pp. 175-187, July-September 2009, doi:10.1109/TDSC.2008.21