Further security analysis of XTR

Dong Guk Han, Tsuyoshi Takagi, Jong In Lim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In Crypto 2000 and 2003, Lenstra-Verheul and Rubin-Silverberg proposed XTR public key system and torus based public key cryptosystem CEILIDH, respectively. The common main idea of XTR and CEILIDH is to shorten the bandwidth of transmission data. Due to the contribution of Granger et al., that is the comparison result of the performance of CEILIDH and XTR, XTR is an excellent alternative to either RSA or ECC in some applications, where computational power and memory capacity are both very limited, such as smart-cards. Among the family of XTR algorithm, Improved XTR Single Exponentiation (XTR-ISE) is the most efficient one, which computes single exponentiation. However, there are few papers investigating the side channel attacks of XTR-ISE, even though the memory constraint devices suffer most from vulnerability to side channel attacks. Chung-Hasan and Page-Stam tried to analyze XTR-ISE with the known simple power analysis, but unfortunately their approach were not practically feasible. Recently, Han et al. proposed new collision attack on it with analysis complexity O(240) when the key size is 160-bit. In this paper we analyze XTR-ISE from other point of view, namely differential power analysis (DPA). One straightforward result is that XTR-ISE can be free from the original DPA. However, a non-trivial result is that an enhancing DPA proposed in this paper threatens XTR-ISE. Furthermore, we show several weak points of the structure of XTR-ISE. From our simulation results, we show the proposed attack requires about 584 times queries to DPA_Oracle to detect the whole 160-bit secret value. This result shows that XTR-ISE is vulnerable to the proposed enhancing DPA.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Pages33-44
Number of pages12
Volume3903 LNCS
DOIs
Publication statusPublished - 2006 Jul 10
Event2nd International Conference on Information Security Practice and Experience, ISPEC 2006 - Hangzhou, China
Duration: 2006 Apr 112006 Apr 14

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume3903 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other2nd International Conference on Information Security Practice and Experience, ISPEC 2006
CountryChina
CityHangzhou
Period06/4/1106/4/14

    Fingerprint

Keywords

  • Differential power analysis
  • XTR public key system
  • XTR-ISE

ASJC Scopus subject areas

  • Computer Science(all)
  • Biochemistry, Genetics and Molecular Biology(all)
  • Theoretical Computer Science

Cite this

Han, D. G., Takagi, T., & Lim, J. I. (2006). Further security analysis of XTR. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 3903 LNCS, pp. 33-44). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3903 LNCS). https://doi.org/10.1007/11689522_4