Abstract
Straightforward implementations of binary exponentiation algorithms make the cryptographic system vulnerable to side-channel attacks; specifically, to simple power analysis (SPA) attacks. Solutions proposed so far introduce a considerable performance penalty. In this paper, we present a new method that implements an SPA-resistant binary exponentiation exhibiting optimal execution time at the cost of a small amount of storage—O(√ℓ), where ℓ is the bit length of the exponent. The technique is optimal in the sense that it adds SPA-resistance to an underlying binary exponentiation algorithm while introducing zero computational overhead. Furthermore, we show that for practical applications, the same optimal execution time can be achieved with much less storage space, without noticeably sacrificing security or any other aspect of the cryptosystem’s performance. We also discuss the possibility of our method being implemented in a way that a certain level of resistance against differential power analysis may be obtained.
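The following added example (not code from the paper, and not the paper's O(√ℓ)-storage method) illustrates the two points the abstract takes as its starting position: the operation sequence of plain square-and-multiply depends on the exponent bits, which is exactly what an SPA trace exposes, and the classic regular countermeasure (the Montgomery ladder) pays for its uniform trace with roughly one extra multiplication per bit. The modulus and exponents are constructed sample values; the letters "S" and "M" in the returned trace stand in for the squaring and multiplication operations a power trace would distinguish.

```python
# Added illustration for the abstract above (not the paper's technique):
# compare the operation trace and cost of naive square-and-multiply with the
# Montgomery ladder. Sample modulus and exponents are constructed for the demo.

def naive_square_and_multiply(base, exp, mod):
    """Left-to-right binary exponentiation. Returns (result, trace).
    The trace records one 'S' per squaring and one 'M' per multiplication,
    so it is a function of the exponent bits: a '1' bit yields 'SM', a '0'
    bit yields 'S'. (The initial squaring of 1 is kept for simplicity.)"""
    result = 1
    trace = []
    for bit in bin(exp)[2:]:
        result = (result * result) % mod
        trace.append("S")
        if bit == "1":
            result = (result * base) % mod
            trace.append("M")
    return result, "".join(trace)


def montgomery_ladder(base, exp, mod):
    """SPA-regular exponentiation: every bit performs one multiplication and
    one squaring in the same order, so the trace depends only on the bit
    length of the exponent, not on its value. Invariant: r1 == r0 * base."""
    r0, r1 = 1, base % mod
    trace = []
    for bit in bin(exp)[2:]:
        if bit == "0":
            r1 = (r0 * r1) % mod
            r0 = (r0 * r0) % mod
        else:
            r0 = (r0 * r1) % mod
            r1 = (r1 * r1) % mod
        trace.append("MS")
    return r0, "".join(trace)


def op_counts(trace):
    """Number of (squarings, multiplications) in a trace; the multiplication
    count is the cost a countermeasure adds on top of the squarings."""
    return trace.count("S"), trace.count("M")


def trace_is_exponent_independent(algorithm, base, exps, mod):
    """Regularity check a reviewer would run: do all exponents of the same
    bit length produce the same operation trace?"""
    traces = {algorithm(base, e, mod)[1] for e in exps}
    return len(traces) == 1


if __name__ == "__main__":
    mod = 1_000_003          # constructed sample modulus (a prime)
    base = 3
    exps = [0b1101, 0b1010]  # two constructed 4-bit exponents
    for e in exps:
        r_naive, t_naive = naive_square_and_multiply(base, e, mod)
        r_ladder, t_ladder = montgomery_ladder(base, e, mod)
        assert r_naive == r_ladder == pow(base, e, mod)
        print(f"exp={e:04b} naive={t_naive:9} {op_counts(t_naive)} "
              f"ladder={t_ladder} {op_counts(t_ladder)}")
    print("naive trace exponent-independent :",
          trace_is_exponent_independent(naive_square_and_multiply, base, exps, mod))
    print("ladder trace exponent-independent:",
          trace_is_exponent_independent(montgomery_ladder, base, exps, mod))
```

Running the script shows the naive traces "SMSMSSM" and "SMSSMS" for the two exponents (different, and readable back into the bits), while the ladder produces "MSMSMSMS" for both; the ladder's cost is ℓ multiplications against the naive algorithm's ℓ/2 on average, which is the overhead the abstract's method claims to remove.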
Moreno, C., Hasan, M.A. SPA-resistant binary exponentiation with optimal execution time. J Cryptogr Eng 1, 87–99 (2011). https://doi.org/10.1007/s13389-011-0008-9