TY - GEN
T1 - Generic cryptanalysis of combined countermeasures with randomized BSD representations
AU - Kim, Tae Hyun
AU - Han, Dong Guk
AU - Okeya, Katsuyuki
AU - Lim, Jongin
N1 - Copyright 2020 Elsevier B.V., All rights reserved.
PY - 2006
Y1 - 2006
AB - In ICICS'04, Sim et al. proposed an attack against the full version of Ha-Moon's countermeasure, which is one of the enhanced countermeasures. The analysis technique is based on the fact that the probability for the appearance of an intermediate value is p = 1/2. By our simulations, however, it is proven to be not true. Thus sometimes the output of their attack might be wrong, because there exist cases in which the probability p is so small that they can make a wrong decision. In this paper we repair the above attack, and then propose a generic analytical technique applicable to all BSD type countermeasures combined with some simple power analysis countermeasures. In order to show that the proposed attack is as practical as the usual differential power analysis (DPA), we estimate the number of samples and computational cost. Furthermore, we enhance the proposed attack in two ways such that it works against the right-to-left algorithm in a simpler and more efficient way, and also works against one combined with an extra DPA countermeasure.
KW - Binary Signed Digit (BSD) Representation
KW - Differential Power Analysis
KW - Elliptic Curve Cryptosystems
KW - Refined Power Analysis
KW - Side Channel Attack
UR - http://www.scopus.com/inward/record.url?scp=33745776291&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33745776291&partnerID=8YFLogxK
U2 - 10.1007/11733447_9
DO - 10.1007/11733447_9
M3 - Conference contribution
AN - SCOPUS:33745776291
SN - 3540333118
SN - 9783540333111
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 119
EP - 134
BT - Smart Card Research and Advanced Applications - 7th IFIP WG 8.8/11.2 International Conference, CARDIS 2006, Proceedings
A2 - Domingo-Ferrer, Josep
A2 - Posegga, Joachim
A2 - Schreckling, Daniel
PB - Springer Verlag
T2 - 7th IFIP WG 8.8/11.2 International Conference, CARDIS 2006
Y2 - 19 April 2006 through 21 April 2006
ER -