### Abstract

In ICICS'04, Sim et al. proposed an attack against the full version of Ha-Moon's countermeasure, which is one of the enhanced countermeasures. Their analysis technique is based on the premise that the probability of the appearance of an intermediate value is p = 1/2. Our simulations, however, show that this is not true. Consequently, the output of their attack may sometimes be wrong, because there are cases in which the probability p is so small that the attack makes a wrong decision. In this paper we repair the above attack and then propose a generic analytical technique applicable to all BSD-type countermeasures combined with some simple power analysis countermeasures. To show that the proposed attack is as practical as the usual differential power analysis (DPA), we estimate the number of samples and the computational cost. Furthermore, we enhance the proposed attack in two ways, such that it works against the right-to-left algorithm in a simpler and more efficient way, and also works against one combined with an extra DPA countermeasure.

| Original language | English |
|---|---|
| Title of host publication | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| Pages | 119-134 |
| Number of pages | 16 |
| Volume | 3928 LNCS |
| Publication status | Published - 2006 Jul 14 |
| Event | 7th IFIP WG 8.8/11.2 International Conference, CARDIS 2006 - Tarragona, Spain. Duration: 2006 Apr 19 → 2006 Apr 21 |

### Publication series

| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 3928 LNCS |
| ISSN (Print) | 03029743 |
| ISSN (Electronic) | 16113349 |

### Other

| Other | 7th IFIP WG 8.8/11.2 International Conference, CARDIS 2006 |
|---|---|
| Country | Spain |
| City | Tarragona |
| Period | 06/4/19 → 06/4/21 |

### Keywords

- Binary Signed Digit (BSD) Representation
- Differential Power Analysis
- Elliptic Curve Cryptosystems
- Refined Power Analysis
- Side Channel Attack

### ASJC Scopus subject areas

- Biochemistry, Genetics and Molecular Biology(all)
- Computer Science(all)
- Theoretical Computer Science

### Cite this

*Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)* (Vol. 3928 LNCS, pp. 119-134). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 3928 LNCS).

**Generic cryptanalysis of combined countermeasures with randomized BSD representations.** / Kim, Tae Hyun; Han, Dong G.; Okeya, Katsuyuki; Lim, Jong In.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Generic cryptanalysis of combined countermeasures with randomized BSD representations

AU - Kim, Tae Hyun

AU - Han, Dong G.

AU - Okeya, Katsuyuki

AU - Lim, Jong In

PY - 2006/7/14

Y1 - 2006/7/14

KW - Binary Signed Digit (BSD) Representation

KW - Differential Power Analysis

KW - Elliptic Curve Cryptosystems

KW - Refined Power Analysis

KW - Side Channel Attack

UR - http://www.scopus.com/inward/record.url?scp=33745776291&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33745776291&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:33745776291

SN - 3540333118

SN - 9783540333111

VL - 3928 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 119

EP - 134

BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

ER -