Side channel cryptanalysis on XTR public key cryptosystem

Dong Guk Han, Tetsuya Izu, Jong In Lim, Kouichi Sakurai

Research output: Contribution to journalArticle

3 Citations (Scopus)

Abstract

The XTR public key cryptosystem was introduced in 2000. XTR is suitable for a variety of environments including low-end smart cards, and is regarded as an excellent alternative to RSA and ECC. Moreover, it is remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as the timing attack and the differential power analysis (DPA). This paper investigates the security of side channel attack (SCA) on XTR. In this paper, we show the immunity of XTR-SE against the simple power analysis if the order of the computation of XTR-SE is carefully considered. In addition, we show that XTR-SE is vulnerable to the data-bit DPA, the address-bit DPA, the doubling attack, the modified refined power analysis, and the modified zero-value attack. Moreover, we propose some countermeasures against these attacks. We also show experimental results of the efficiency of the countermeasures. From our implementation results, if we compare XTR with ECC with countermeasures against "SCAs." we think XTR is as suitable to smart cards as ECC.

Original languageEnglish
Pages (from-to)1214-1223
Number of pages10
JournalIEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
VolumeE88-A
Issue number5
DOIs
Publication statusPublished - 2005 Sep 9

Fingerprint

Smart cards
Public-key Cryptosystem
Exponentiation
Cryptanalysis
Cryptography
Differential Power Analysis
Countermeasures
Attack
Power Analysis
Smart Card
Timing Attack
Side Channel Attacks
Immunity
Doubling
Side channel attack
Alternatives
Zero
Experimental Results

Keywords

  • Address-bit DPA
  • Data-bit DPA
  • Doubling attack
  • Refined power analysis
  • Side channel attacks
  • SPA
  • XTR public key cryptosystem
  • Zero-value attack

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Hardware and Architecture
  • Information Systems

Cite this

Side channel cryptanalysis on XTR public key cryptosystem. / Han, Dong Guk; Izu, Tetsuya; Lim, Jong In; Sakurai, Kouichi.

In: IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E88-A, No. 5, 09.09.2005, p. 1214-1223.

Research output: Contribution to journalArticle

@article{a2014bddf9124daeb8d8410cfc1d05ba,
title = "Side channel cryptanalysis on XTR public key cryptosystem",
abstract = "The XTR public key cryptosystem was introduced in 2000. XTR is suitable for a variety of environments including low-end smart cards, and is regarded as an excellent alternative to RSA and ECC. Moreover, it is remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as the timing attack and the differential power analysis (DPA). This paper investigates the security of side channel attack (SCA) on XTR. In this paper, we show the immunity of XTR-SE against the simple power analysis if the order of the computation of XTR-SE is carefully considered. In addition, we show that XTR-SE is vulnerable to the data-bit DPA, the address-bit DPA, the doubling attack, the modified refined power analysis, and the modified zero-value attack. Moreover, we propose some countermeasures against these attacks. We also show experimental results of the efficiency of the countermeasures. From our implementation results, if we compare XTR with ECC with countermeasures against {"}SCAs.{"} we think XTR is as suitable to smart cards as ECC.",
keywords = "Address-bit DPA, Data-bit DPA, Doubling attack, Refined power analysis, Side channel attacks, SPA, XTR public key cryptosystem, Zero-value attack",
author = "Han, {Dong Guk} and Tetsuya Izu and Lim, {Jong In} and Kouichi Sakurai",
year = "2005",
month = "9",
day = "9",
doi = "10.1093/ietfec/e88-a.5.1214",
language = "English",
volume = "E88-A",
pages = "1214--1223",
journal = "IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences",
issn = "0916-8508",
publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",
number = "5",

}

TY - JOUR

T1 - Side channel cryptanalysis on XTR public key cryptosystem

AU - Han, Dong Guk

AU - Izu, Tetsuya

AU - Lim, Jong In

AU - Sakurai, Kouichi

PY - 2005/9/9

Y1 - 2005/9/9

N2 - The XTR public key cryptosystem was introduced in 2000. XTR is suitable for a variety of environments including low-end smart cards, and is regarded as an excellent alternative to RSA and ECC. Moreover, it is remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as the timing attack and the differential power analysis (DPA). This paper investigates the security of side channel attack (SCA) on XTR. In this paper, we show the immunity of XTR-SE against the simple power analysis if the order of the computation of XTR-SE is carefully considered. In addition, we show that XTR-SE is vulnerable to the data-bit DPA, the address-bit DPA, the doubling attack, the modified refined power analysis, and the modified zero-value attack. Moreover, we propose some countermeasures against these attacks. We also show experimental results of the efficiency of the countermeasures. From our implementation results, if we compare XTR with ECC with countermeasures against "SCAs." we think XTR is as suitable to smart cards as ECC.

AB - The XTR public key cryptosystem was introduced in 2000. XTR is suitable for a variety of environments including low-end smart cards, and is regarded as an excellent alternative to RSA and ECC. Moreover, it is remarked that XTR single exponentiation (XTR-SE) is less susceptible than usual exponentiation routines to environmental attacks such as the timing attack and the differential power analysis (DPA). This paper investigates the security of side channel attack (SCA) on XTR. In this paper, we show the immunity of XTR-SE against the simple power analysis if the order of the computation of XTR-SE is carefully considered. In addition, we show that XTR-SE is vulnerable to the data-bit DPA, the address-bit DPA, the doubling attack, the modified refined power analysis, and the modified zero-value attack. Moreover, we propose some countermeasures against these attacks. We also show experimental results of the efficiency of the countermeasures. From our implementation results, if we compare XTR with ECC with countermeasures against "SCAs." we think XTR is as suitable to smart cards as ECC.

KW - Address-bit DPA

KW - Data-bit DPA

KW - Doubling attack

KW - Refined power analysis

KW - Side channel attacks

KW - SPA

KW - XTR public key cryptosystem

KW - Zero-value attack

UR - http://www.scopus.com/inward/record.url?scp=24144491128&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=24144491128&partnerID=8YFLogxK

U2 - 10.1093/ietfec/e88-a.5.1214

DO - 10.1093/ietfec/e88-a.5.1214

M3 - Article

AN - SCOPUS:24144491128

VL - E88-A

SP - 1214

EP - 1223

JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

SN - 0916-8508

IS - 5

ER -