14 pages
English

The Carry Leakage on the Randomized Exponent

The Carry Leakage on the Randomized Exponent Countermeasure

Pierre-Alain Fouque (1), Denis Réal (2,3), Frédéric Valette (2), and Mhamed Drissi (3)

1 École normale supérieure/CNRS/INRIA, 75 Paris, France, Pierre-Alain.Fouque@ens.fr
2 CELAR, 35 Bruz, France, {Denis.Real;Frederic.Valette}@dga.defense.gouv.fr
3 INSA-IETR, 20 avenue des Coesmes, 35043 Rennes, France, {Denis.Real;Mhamed.Drissi}@insa-rennes.fr

Abstract. In this paper, we describe a new attack against a classical differential power analysis resistant countermeasure in public key implementations. This countermeasure has been suggested by Coron since 1999 and is known as the exponent randomization. Here, we show that even though the binary exponentiation, or the scalar product on elliptic curves implementation, does not leak information on the secret key, the computation of the randomized secret exponent, or scalar, can leak useful information for an attacker. This part of the algorithm may not be well protected, since its goal is to avoid attacks during the exponentiation. Consequently, our attack can be mounted against any kind of exponentiation, even a very resistant one, as soon as the exponent randomization countermeasure is used.

[Pages 1 to 4 of the paper follow here in the source: Section 1 (Introduction and related work), Section 2 (2.1 The Randomization Countermeasure, 2.3 The Exponent Randomization and Ripple Carry Addition), Fig. 1 and Fig. 2. The extracted text of these pages is scrambled word by word and cannot be recovered from this page. The only content readable with confidence is the countermeasure itself: for RSA the randomized exponent is d_j = d + j·φ(N), and for ECC the randomized scalar is d_j = d + j·#E, where j is a small random integer (20-bit or 32-bit in typical implementations), N is the RSA modulus and #E the order of the curve; the operands are broken into ℓ-bit words and the addition is performed word by word by an ℓ-bit adder, whose carry flag is what the attack observes.]



v
the
er
ersary
the
assumedto
b
e
side
and
a
able
other
to
v
send
for
man
of
y
for
times
w
the
)
same
base
message
k
and
the
that
er
no
of
randomization
to
of
ot
the
k
message

is
x
p
with
erformed
v
b
not
efore
en
the
tiation
exp

onen
Then
tiation.
step
Here,

our
onen

the
k
is
a
in
v
missing
oids
t
these
whole
t
of
w
d
o
and
dra
the
wbac
eration
ks
random
since
[17]
the
part

in
k

do
w
es
uses
not

need
the
the
w
kno
e
wledge
the
of
k
the
that
message.
other
In
eys
[10],
alue
F
are
ouque
et
et
Ho
al.
ust
sho
since
w
birthda
that
requiremen
if
ot
Coron's
um

In
termeasure
that
is

used

with

some
no
windo
is
wing
itself
exp

onen
an
tiation
onen
algorithms
d
and
random
a
one,
small
of
public
um
k
the
ey
P
e
al.
,

then
on
a

simple
since
SP
and
A
Finally
follo

w
ery
ed
exp
b
t
y
age
a
from
v
sho
ery
t,

in
er


h
k
the

-bit

go
v
er
er
the
the
is

y
k
b
ey
required
d

and
k
'
ering
(
the
N
the
)
addition
in
y
the
in
same
mo
time.
ev
In
bits
[10],
b
the
n
implemen
metho
tation
on
is
parado
not
and
protected
are
against
square
SP
fourth
A
the

er
ks
Our
since
pap
the
sho

exp
SP

A
e

v
k
and
do
k
es
e
not
The
w
elt
ork

on
target
the
the
windo
j
wing

algorithms.
(
In

this
mo
w
the
ork,
x
the
j
authors
.
ha
of
v
alue
e
and
to
targeted
solv
the
e

a
random
problem
er,
similar
ultiple
of
of
that
oin
whic
Seifert
h
Brier
w

e
also
try
on
to
the
solv
public
e
Here,
here,
is
namely
asiv
,
e

hange
v
e
ering

the
this

v
d
since
in
against
RSA,
or
kno
v
wing
tiation
some
exp

since
onse
hannel

from
bits
and
of
exp
d
W
.
that
Indeed,
exp
side
scalar,

are
hannel
`

then
hnique
the
allo
and
ws

F
to
ouque
order
et
h
al.
ord
to
with
learn
d
some

k
whole
ey
,
bits
um
of
missing
man
enough
y

randomized
gian
exp
d
onen
used
ts
hniques
of
nd
the
In
form
RSA
d
large
j
the
=

d
randomized
+
j

wn
j
order.
'
j
(
wn,
N
the
),
are
for
Coron
man
al.
y


RSA
j
dulus.
in
w
a
er,
small
missing
set,
m
the
not
set
e
of
o
20-bit
umerous
or
the
32-bit
d
in
based
tegers
the
in
y
t
x
ypical
memory
implemen
time
tations.
ts

almost
v
the
ering
ro

or
RSA
ro
k
of
ey
n
kno
b
wing
of
some
bits.
bits
Results.
of
this
d
er,
is
e
an
w
old
the
problem
onen
starting
randomization
from
termeasure
the
b
pionerring

w
ed
ork
ery
of
tly
Boneh,
the
Durfee

and
ey
F
b
rank

el
ered.
in
main

v
since
y
1998.
the
Ho
k
w
to
ev
the
er,
of
the
randomization

d
hniques
=
used
+
in
j
Boneh
'
et
N
al.
in
's
of
pap
RSA
er
dulus
are
not
based
exp
on
tiation
Copp
7!
ersmith's
d
lattice
mo
algorithm
N
[5,
In
6]
addition
that
a
w
v
orks
with
w
x
ell

when
the
the
op
bits
is
are
sum

the
onse
scalar

a
.
n
Later,
b
other
a

m
ks
of

order
h
the
as
p
[9,
t
1]
.
ha
in
v
and
e
et
b
in
een
ha
prop
e
osed
studied
on
ks
RSA,
other
but
of
no
algorithm,
one
some

information
[10]
example.
targets
our
the
k

less
when
v
bits
e
are
w
non
do


e.
parameters
In
w
the
only
Elliptic
some
Curv
radiations.
e
,


the
is
problem
ery
of
t

it
v
orks
ering
v


scalar
ev
when
\pro

ably-secure"
e
onen
bits
that
are
the
kno
onen
wn
randomization
has
the
also

b
leak
een

studied.
the
The
termeasure
Bab
not
y
the
Step
onen
Gian
algorithm.
t
e
Step
w
algorithm
when


alw
onen
a
or
ys
and
b
randomization
e

used,
to
ho
-bit
w
ord,
ev
the
er
of

adder
the
leak
memory

requiremen
information
t
b
is
used
not
guess
alw
high
a
bits
ys

p
`
ossible
w
as
of
with

P
a
ollard
o
algorithm
precision.
or
to
the
v
lam
the
b

da
ey
metho
either
d,
n
a.k.a.
b
the
of
k
bits
angoro
small
o
so
algorithm
a
in
bab
[19,
step

t
Ho
metho
w

ev
e
er,
or
Stinson

describ
are
es
to
an
the
algorithm
bits.
due
the
to
of
Copp
k
ersmith
or
in
ECC
[18]
eys,
that
idea

in
b
v
e
the
used
v
to


using
the
kno
memory
bits
requiremen
the
t.

A

similar
's
algorithm
kno
has
the
b
or
een
exp
devised
tiation
b
2unprotected
against

DP
exp
probabilit

A
+

for
ks
and

for
h
t
as
with
address-bit

DP
wn
A
of
[12]
E
or
d
Correlation
mo
P
If
o
a
w
with
er
urthermore,
Analysis
A
(CP
e.
A)
1

for
k
w

N
Organization
d
of
-bit
the
(
pap
SCA
er.
)
The
Sk

to
of
v
the
.

lik
k

is
the
presen
is
ted
the
in
h

bit
2.

Then,
onen
in


:
3,
p
w
E
e
bits

,
explain
,
ho
:
w
(resp.
the
ak
kno

wledge
+
of
d
the
E
n
tiation
um
d
b
Priv
er
(resp.
of
the

in
allo
teger
ws
er
us
i
to
dep
guess
in
the
alue
high
a
order
teger
bits
#
of
leads

results.
h

w
t
ord
execution
of

the
ks

e
k
b
ey
ecome
.
h
In
is

the
4,
randomization.
w
es
e
for
sho
{
w
message
that
(resp.
the
t
in

ternal
ECC),

size
of
,
the
t
full
mo
addition
#
in

v
{
olv
d
ed
for
in

the
1.
masking
a
pro
in

2.

=
b
j
e
)
observ
=
ed
j
b
3.
y
exp
SCA.
d
Finally
N
,

in
1.

Exp
5
for
w
2.2
e
h
describ
ttac
e
adds
the
R

xed
ks
,
against
o

dieren
implemen
of
tations
observ
of
ag
RSA
on
and
on
ECC
random
to
xed
retriev
is
e
to
the
ag
whole
xed

.
k
j
ey
E
.
ECC
2
to
The
same
A
F
ttac
if
k
j

dieren
The
at
idea
h
of
of
the
algorithm,

DP
k

is
whic
to
retriev
target
the
the
bit

y
termeasure
b
op
ineectiv
eration

and
a
not
termeasure
the
kno
exp
as
onen
exp
tiation
t
or
Fig.
scalar
describ
pro
this

hnique
op
RSA
eration.
ECC.
The
Inputs
former
a
op
M
eration
RSA
is
a
usually
oin
not
P
w
a
ell
e
protected
for
since
a
it
ord
is
in
used

to
an
protect
onen
the
d
latter
a
one.
dulus
So,
(resp.
in
E
the
the
sequel,
of
w
).
e
Output
assume
M
that
mo
the
N
exp
RSA
onen
d
tiation
P
is
ECC)
protected
T
against
e
SP

A
random
b
teger
y
j
using
Compute
the
j
square-and-m
d
ultiply

alw
'
a
N
ys
(resp.
algorithm
j
and
d
against

DP
#
A
)

Return
k
protected
b
onen
y
M
using
j
randomization
d
of
(resp.
the
j
message
P
ev
Fig.
en
The
with
ate
unkno
onen
wn
Randomization
blinding
RSA
and
ECC)
the
The
randomization

of
of
the
A
exp
k
onen
someone
t.
random
2.1
tegers
The
i

a
Randomization
in
Coun
S
termeasure
the
It
y
is
v
w
the
ell-kno
t
wn
alues
that
R
randomizing
to
d
e
with

d
only
j
ends
=
S
d
Indeed,
+
8-bit

tegers,
j
addition
'
the
(
v
N
0xFF
)
more
for
ely
RSA
raise
and

d
than
j
the
=
in
d
0x01
+
3In
tegers
are
often
E
o
out.
to
the
o
b
large
t
to
the
b
assumed
e
`
added
w
through
b
a
j
digital
j

1
The
are
op
-w
erands
en
are
full
usually
adder
brok

en
the
in
to
to
d
`
A
-bit
the
w
i
ords
onen
and
.
the
describ
full
atomic
addition
designed
function
addition.
is
the
splitted
-bit
in
16
to
p
`
using
-bit
es
additions.
op
An
sum
`

-bit

addition
ord
is
priv
the
are
sum
j
of
)
t
=
w

o
-bit
`

-bit
is
in
during
tegers.
i
A
(

the
ag
onen
is
2
raised
{
for
randomization
a
b
buer
a
o
ripple
v
t
ero
erands
w,
are
i.e.
k
when
ords
the
8
`
32.
-bit
is
sum
w
is
w
larger
`
or
h
equal
input
to
`
2
and
`
outputs
.
the
These
ripple


ags
and
raised
Let
during
the
the
from
full
1.
addition
exp

the
b
b
e
A
observ
=
ed
(
b
RSA
y
j
side
j

ECC.
hannel
raised
analysis.
th
An
for

randomization
k
j
er
C
who
sum
observ
ags
es
m
a
randomizations,

P
for
=0
man
)
y


adder
randomizations
th

randomization
use
in
the
the

follo
ag
:
as
size
a
is

to
of
e
information
as
to
k
retriev
ord
e

the
The

w
RSA
op
or
of
ECC
addition
exp
brok
onen
in
t.
`
Our
w

with
k
=
uses
;
t
or
w
The
o
addition
stages:
then
the
erformed
side
ord

y
hannel
ord
analysis
a
to
-bit
obtain
whic
information
tak
on
as
the
t

o
and
-bit
the
erands

a

and
k
the
whic
and
h

uses
The
the
strategy
information
in
to
haining


v
the
er
together.
the
i
en
e
tire
w


k
0
ey
k
.
The
2.3
ate
The
onen
Exp
and
onen
mask
t
denoted
Randomization
y
Ripple
and
Carry
(
Addition
)
This

subsection
'
describ
N
es
for
the
and
notations
(
used
)
in

the
#
rest
for
of
The
the
ag
pap
during
er.
i
The
`

addition
k
the
er
th
p
is
erforms
(
m
)
exp
and
onen
i
t
the
randomizations
of
and

j
raised
denotes
the
the
exp

t
of
C
the
=
randomization
m
from
j
0

to
j
m
i
1.
The
Fig.
of
2.
ripple
j
for
th
j
Exp
exp
onen
t
t
is
randomization
ed
The
Fig.
addition
and
function
notations
used
the
for
wing:
the
`
exp
The
onen
adder
t
4