2004
DOI: 10.1007/978-3-540-28632-5_25
|View full text |Cite
|
Sign up to set email alerts
|

Efficient Countermeasures against RPA, DPA, and SPA

Abstract: In the execution on a smart card, side channel attacks such as simple power analysis (SPA) and the differential power analysis (DPA) have become serious threat [15]. Side channel attacks monitor power consumption and even exploit the leakage information related to power consumption to reveal bits of a secret key d although d is hidden inside a smart card. Almost public key cryptosystems including RSA, DLP-based cryptosystems, and elliptic curve cryptosystems execute an exponentiation algorithm with a secret-ke… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
52
0

Year Published

2005
2005
2015
2015

Publication Types

Select...
8
1

Relationship

0
9

Authors

Journals

citations
Cited by 87 publications
(52 citation statements)
references
References 30 publications
0
52
0
Order By: Relevance
“…Walter [7] observed that one could potentially derive the bits of an exponent by comparing two parts of a consumption trace corresponding to two operations in a group exponentiation and described some simulations. Amiel and Feix [8], and Kim et al [9] describe some attacks and implementations of this strategy applied to the BRIP exponentiation algorithm [10]. A similar attack has been described by Witteman et al [11] applicable to Coron's double-and-add-always exponentiation algorithm, and Kim et al [9] also describe how one could apply such an attack to the Montgomery ladder [12,13].…”
Section: Introductionmentioning
confidence: 95%
See 1 more Smart Citation
“…Walter [7] observed that one could potentially derive the bits of an exponent by comparing two parts of a consumption trace corresponding to two operations in a group exponentiation and described some simulations. Amiel and Feix [8], and Kim et al [9] describe some attacks and implementations of this strategy applied to the BRIP exponentiation algorithm [10]. A similar attack has been described by Witteman et al [11] applicable to Coron's double-and-add-always exponentiation algorithm, and Kim et al [9] also describe how one could apply such an attack to the Montgomery ladder [12,13].…”
Section: Introductionmentioning
confidence: 95%
“…One feature of all these attacks is that an adversary will attempt to determine whether the input to two group operations is the same [8][9][10][11]14]. In this paper we extend this to consider an adversary who is able to determine whether the output of one operation is used as the input to another operation.…”
Section: Introductionmentioning
confidence: 99%
“…Various countermeasures using random point are introduced so far. Among them, BRIP [13] proposed by Mamiya et al can be applied to our attacks efficiently.…”
Section: Countermeasures Against Proposed Attacksmentioning
confidence: 99%
“…Though they explained the theoretical form of their attack against the left-to-right SaMA and BRIP algorithms [16], Miyamoto et al demonstrated the effectiveness of an 1 − N attack in practice [17].…”
Section: Introductionmentioning
confidence: 99%