On security of XTR public key cryptosystems against side channel attacks

Dong Guk Han, Jong In Lim, Kouichi Sakurai

Research output: Contribution to journal › Article

4 Citations (Scopus)

Abstract

The XTR public key system was introduced at Crypto 2000. XTR is regarded as suitable for a variety of environments, including low-end smart cards, and as an excellent alternative to either RSA or ECC. In [LV00a,SL01], the authors remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as timing attacks and Differential Power Analysis (DPA). In this paper, however, we investigate the security of XTR against side channel attacks (SCA). This paper shows that XTR-SE is immune against simple power analysis under the assumption that the order of the computation of XTR-SE is carefully considered. However, we show that XTR-SE is vulnerable to Data-bit DPA, Address-bit DPA, and the doubling attack. Moreover, we propose countermeasures that prevent the proposed attacks. As the proposed countermeasure against the doubling attack is very inefficient, a good countermeasure against the doubling attack is actually necessary to maintain the efficiency advantage of XTR.

Original language: English
Pages (from-to): 454-465
Number of pages: 12
Journal: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 3108
Publication status: Published - 2004 Dec 1

Keywords

  • Address-bit DPA
  • Data-bit DPA
  • Doubling attack
  • Side Channel Attacks
  • SPA
  • XTR Public Key Cryptosystem

ASJC Scopus subject areas

  • Computer Science (all)
  • Biochemistry, Genetics and Molecular Biology (all)
  • Theoretical Computer Science

Cite this

@article{f0b648accc914952827e9657411b2924,
title = "On security of XTR public key cryptosystems against side channel attacks",
abstract = "The XTR public key system was introduced at Crypto 2000. It is regarded that XTR is suitable for a variety of environments, including low-end smart cards, and XTR is the excellent alternative to either RSA or ECC. In [LV00a,SL01], authors remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as timing attacks and Differential Power Analysis (DPA). In this paper, however, we investigate the security of side channel attack (SCA) on XTR. This paper shows that XTR-SE is immune against simple power analysis under assumption that the order of the computation of XTR-SE is carefully considered. However, we show that XTR-SE is vulnerable to Data-bit DPA, Address-bit DPA, and doubling attack. Moreover, we propose countermeasures that prevent the proposed attacks. As the proposed countermeasure against doubling attack is very inefficient, a good countermeasure against doubling attack is actually necessary to maintain the advantage of efficiency of XTR.",
keywords = "Address-bit DPA, Data-bit DPA, Doubling attack, Side Channel Attacks, SPA, XTR Public Key Cryptosystem",
author = "Han, {Dong Guk} and Lim, {Jong In} and Kouichi Sakurai",
year = "2004",
month = "12",
day = "1",
language = "English",
volume = "3108",
pages = "454--465",
journal = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
issn = "0302-9743",
publisher = "Springer Verlag",
}

TY - JOUR
T1 - On security of XTR public key cryptosystems against side channel attacks
AU - Han, Dong Guk
AU - Lim, Jong In
AU - Sakurai, Kouichi
PY - 2004/12/1
Y1 - 2004/12/1
N2 - The XTR public key system was introduced at Crypto 2000. It is regarded that XTR is suitable for a variety of environments, including low-end smart cards, and XTR is the excellent alternative to either RSA or ECC. In [LV00a,SL01], authors remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as timing attacks and Differential Power Analysis (DPA). In this paper, however, we investigate the security of side channel attack (SCA) on XTR. This paper shows that XTR-SE is immune against simple power analysis under assumption that the order of the computation of XTR-SE is carefully considered. However, we show that XTR-SE is vulnerable to Data-bit DPA, Address-bit DPA, and doubling attack. Moreover, we propose countermeasures that prevent the proposed attacks. As the proposed countermeasure against doubling attack is very inefficient, a good countermeasure against doubling attack is actually necessary to maintain the advantage of efficiency of XTR.

KW - Address-bit DPA
KW - Data-bit DPA
KW - Doubling attack
KW - Side Channel Attacks
KW - SPA
KW - XTR Public Key Cryptosystem
UR - http://www.scopus.com/inward/record.url?scp=24144498983&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=24144498983&partnerID=8YFLogxK
M3 - Article
VL - 3108
SP - 454
EP - 465
JO - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
JF - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SN - 0302-9743
ER -