“…These include, e.g., regular w-NAF and m-ary methods [20,34,40,45,51], regular width-w τ -adic NAF method for Koblitz curves [46], the regular signed-digit comb methods [21,30], and scalar multiplications on curves with fast endomorphisms that use multiscalar multiplications with precomputations (e.g., GLV [24] and GLS [23] methods and, in particular, the recent regular algorithm [19]). Some of these methods have been recently utilized in lightweight ECC implementations to achieve protection against single-trace attacks: e.g., [30] was used in [47], [46] in [48], and [19] in [14]. All deterministic countermeasures inside Ψ such as atomicity of point addition and point doubling, unified addition formulae, etc., do not work against the attack and are, thus, also in the list of vulnerable methods when used in a scalar multiplication algorithm that utilizes precomputations in the above sense.…”