TY - GEN
T1 - A Formula for Disaster
T2 - International Conference on Theory and Application of Cryptology and Information Security
AU - Sedlacek, Vladimir
AU - Chi-Domínguez, Jesús Javier
AU - Jancar, Jan
AU - Brumley, Billy Bob
N1 - JUFOID=62555
Publisher Copyright:
© 2021, International Association for Cryptologic Research.
PY - 2021
Y1 - 2021
N2 - The Refined Power Analysis, Zero-Value Point, and Exceptional Procedure attacks introduced side-channel techniques against specific cases of elliptic curve cryptography. The three attacks recover bits of a static ECDH key adaptively, collecting information on whether a certain multiple of the input point was computed. We unify and generalize these attacks in a common framework, and solve the corresponding problem for a broader class of inputs. We also introduce a version of the attack against windowed scalar multiplication methods, recovering the full scalar instead of just a part of it. Finally, we systematically analyze elliptic curve point addition formulas from the Explicit-Formulas Database, classify all non-trivial exceptional points, and find them in new formulas. These results indicate the usefulness of our tooling, which we released publicly, for unrolling formulas and finding special points, and potentially for independent future work.
AB - The Refined Power Analysis, Zero-Value Point, and Exceptional Procedure attacks introduced side-channel techniques against specific cases of elliptic curve cryptography. The three attacks recover bits of a static ECDH key adaptively, collecting information on whether a certain multiple of the input point was computed. We unify and generalize these attacks in a common framework, and solve the corresponding problem for a broader class of inputs. We also introduce a version of the attack against windowed scalar multiplication methods, recovering the full scalar instead of just a part of it. Finally, we systematically analyze elliptic curve point addition formulas from the Explicit-Formulas Database, classify all non-trivial exceptional points, and find them in new formulas. These results indicate the usefulness of our tooling, which we released publicly, for unrolling formulas and finding special points, and potentially for independent future work.
KW - ECC
KW - ECDH
KW - Elliptic curve cryptography
KW - Elliptic curve Diffie-Hellman
KW - EPA
KW - Exceptional points
KW - Exceptional procedure attack
KW - Refined Power Analysis
KW - RPA
KW - Side-channel analysis
KW - Zero-value point attack
KW - ZVP
U2 - 10.1007/978-3-030-92062-3_5
DO - 10.1007/978-3-030-92062-3_5
M3 - Conference contribution
AN - SCOPUS:85121919815
SN - 9783030920616
T3 - Lecture Notes in Computer Science
SP - 130
EP - 159
BT - Advances in Cryptology – ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings, Part 1
A2 - Tibouchi, Mehdi
A2 - Wang, Huaxiong
PB - Springer
Y2 - 6 December 2021 through 10 December 2021
ER -