CSDL Home IEEE Transactions on Dependable and Secure Computing 2009 vol.6 Issue No.03 - July-September

Subscribe

Issue No.03 - July-September (2009 vol.6)

pp: 175-187

Agustín Domínguez-Oviedo , University of Waterloo, Waterloo

M. Anwar Hasan , University of Waterloo, Waterloo

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.21

ABSTRACT

For some applications, elliptic curve cryptography (ECC) is an attractive choice because it achieves the same level of security with a much smaller key size in comparison with other schemes such as those that are based on integer factorization or discrete logarithm. For security reasons, especially to provide resistance against fault-based attacks, it is very important to verify the correctness of computations in ECC applications. In this paper, error-detecting and fault-tolerant elliptic curve cryptosystems are considered. Error detection may be a sufficient countermeasure for many security applications; however, fault-tolerant characteristic enables a system to perform its normal operation in spite of faults. For the purpose of detecting errors due to faults, a number of schemes and hardware structures are presented based on recomputation or parallel computation. It is shown that these structures can be used for detecting errors with a very high probability during the computation of the elliptic curve scalar multiplication (ECSM). Additionally, we show that using parallel computation along with either PV or recomputation, it is possible to have fault-tolerant structures for the ECSM. If certain conditions are met, these schemes are more efficient than others such as the well-known triple modular redundancy. Prototypes of the proposed structures for error detection and fault tolerance have been implemented, and experimental results have been presented.

INDEX TERMS

Elliptic curve cryptography, scalar multiplication, fault-based attacks, error detection, fault tolerance.

CITATION

Agustín Domínguez-Oviedo, M. Anwar Hasan, "Error Detection and Fault Tolerance in ECSM Using Input Randomization",

*IEEE Transactions on Dependable and Secure Computing*, vol.6, no. 3, pp. 175-187, July-September 2009, doi:10.1109/TDSC.2008.21REFERENCES