Dismantling Real-World ECC with Horizontal and Vertical Template Attacks

Author: Dugardin, M., Papachristodoulou, L., Najm, Z., Batina, L., Danger, J.-L., Guilley, S., Standaert, F.-X., Oswald, E.
Contributors: THALES COMMUNICATIONS & SECURITY, THALES, Télécom ParisTech, Digital Security Group [Nijmegen], Institute for Computing and Information Sciences [Nijmegen] (ICIS), Radboud university [Nijmegen]-Radboud university [Nijmegen], Secure-IC S.A.S, Institut Mines-Télécom [Paris] (IMT), François-Xavier Standaert, Elisabeth Oswald, Standaert, F.-X., Oswald, E.
Language: English
Year of publication: 2016
Subject:
Source: Standaert, F.-X.; Oswald, E. (eds.), Constructive Side-Channel Analysis and Secure Design: 7th International Workshop, COSADE 2016, Graz, Austria, April 14-15, 2016, Revised Selected Papers, pp. 88-108. Cham: Springer International Publishing
ISSN: 0302-9743
Description: International audience; Recent side-channel attacks on elliptic curve algorithms have shown that the security of these cryptosystems is a matter of serious concern. The development of techniques in the area of Template Attacks makes it feasible to extract a 256-bit secret key with only 257 traces. This paper enhances the applicability of this attack by exploiting both the horizontal leakage of the carry propagation during the finite field multiplication and the vertical leakage of the input data. As a further contribution, our method provides detection and auto-correction of possible errors that may occur during the key recovery. These enhancements come at the cost of extra traces, while still providing a practical attack. Finally, we show that the elliptic curve algorithms developed for PolarSSL, and consequently mbedTLS, running on an ARM STM32F4 platform are completely vulnerable when used without any modifications or countermeasures.
Database: OpenAIRE