Visible to the public Biblio

Filters: Author is Batina, L.  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
Fournaris, A. P., Papachristodoulou, L., Batina, L., Sklavos, N..  2016.  Residue Number System as a side channel and fault injection attack countermeasure in elliptic curve cryptography. 2016 International Conference on Design and Technology of Integrated Systems in Nanoscale Era (DTIS). :1–4.

Implementation attacks and more specifically Power Analysis (PA) (the dominant type of side channel attack) and fault injection (FA) attacks constitute a pragmatic hazard for scalar multiplication, the main operation behind Elliptic Curve Cryptography. There exists a wide variety of countermeasures attempting to thwart such attacks that, however, few of them explore the potential of alternative number systems like the Residue Number System (RNS). In this paper, we explore the potential of RNS as an PA-FA countermeasure and propose an PA-FA resistant scalar multiplication algorithm and provide an extensive security analysis against the most effective PA-FA techniques. We argue through a security analysis that combining traditional PA-FA countermeasures with lightweight RNS countermeasures can provide strong PA-FA resistance.

Kabin, I., Dyka, Z., Klann, D., Mentens, N., Batina, L., Langendoerfer, P..  2020.  Breaking a fully Balanced ASIC Coprocessor Implementing Complete Addition Formulas on Weierstrass Elliptic Curves. 2020 23rd Euromicro Conference on Digital System Design (DSD). :270–276.
In this paper we report on the results of selected horizontal SCA attacks against two open-source designs that implement hardware accelerators for elliptic curve cryptography. Both designs use the complete addition formula to make the point addition and point doubling operations indistinguishable. One of the designs uses in addition means to randomize the operation sequence as a countermeasure. We used the comparison to the mean and an automated SPA to attack both designs. Despite all these countermeasures, we were able to extract the keys processed with a correctness of 100%.