Template Attacks against ECC : practical implementation against Curve25519

Antoine Loiseau; Maxime Lecomte; Jacques Fournier

Conference papers

Template Attacks against ECC : practical implementation against Curve25519

Antoine Loiseau ^{1, 2} Maxime Lecomte ¹ Jacques Fournier ¹

1 CEA-LETI - Commissariat à l'énergie atomique et aux énergies alternatives - Laboratoire d'Electronique et de Technologie de l'Information

2 DPACA [Gardanne]

CEA Tech PACA

Abstract : This paper introduces a new profiling attack that targets elliptic curves-based cryptographic implementations. This attack exploits leakages from the conditional swap operation used in implementations using the Montgomery Ladder as a scalar multiplication method for calculating kP in constant time. In addition, our attack requires only one attack trace. This paper shows how the attack is performed on the mbedTLS Curve25519 function and why conventional coordinates randomization countermeasures do not prevent this type of attack. Then, a new countermeasure that is efficient against the presented attack will be proposed and tested. This work was carried out on the implementation of mbedTLS from Curve25519.

Keywords : Template Attacks PCA LDA Asymmetric Cryptography Curve25519 ECC Constant Time mbedTLS

Document type :

Conference papers

Domain :

Computer Science [cs] / Cryptography and Security [cs.CR]

Complete list of metadata

https://hal-cea.archives-ouvertes.fr/cea-03157323
Contributor : Antoine Loiseau <>
Submitted on : Wednesday, March 3, 2021 - 9:49:54 AM
Last modification on : Thursday, March 4, 2021 - 3:15:00 AM

Template Attacks against ECC : practical implementation against Curve25519

File

Identifiers

Collections

Citation

Export

Metrics

64

64

Template Attacks against ECC : practical implementation against Curve25519

File

Identifiers

Collections

Citation

Export

Share

Metrics

64

64