Fault Attacks on Projective-to-Affine Coordinates Conversion

Abstract : This paper presents a new type of fault attacks on elliptic curves cryptosystems. At EUROCRYPT 2004, Naccache et alii showed that when the result of an elliptic curve scalar multiplication [k] P (computed using a fixed scalar multiplication algorithm, such as double-and-add) is given in projective coordinates, an attacker can recover information on k. The attack is somewhat theoretical, because elliptic curve cryptosystems implementations usually convert scalar multiplication's result back to affine coordinates before outputting [k]P. This paper explains how injecting faults in the final projective-to-affine coordinate conversion enables an attacker to retrieve the projective coordinates of [k]P, making Naccache et alii's attack also applicable to implementations that output points in affine coordinates. As a result, such faults allow the recovery of information about k.
Type de document :
Communication dans un congrès
COSADE 2013 - 4th International Workshop Constructive Side-Channel Analysis and Secure Design, 2013, Paris, France. Springer, pp.46-61, 2013, 〈10.1007/978-3-642-40026-1_4〉
Liste complète des métadonnées

https://hal.inria.fr/hal-00934335
Contributeur : David Naccache <>
Soumis le : mardi 21 janvier 2014 - 20:27:07
Dernière modification le : mardi 17 avril 2018 - 11:26:31

Identifiants

Collections

Citation

Diana Maimut, Cédric Murdica, David Naccache, Mehdi Tibouchi. Fault Attacks on Projective-to-Affine Coordinates Conversion. COSADE 2013 - 4th International Workshop Constructive Side-Channel Analysis and Secure Design, 2013, Paris, France. Springer, pp.46-61, 2013, 〈10.1007/978-3-642-40026-1_4〉. 〈hal-00934335〉

Partager

Métriques

Consultations de la notice

290