Abstract
Power analysis attacks on elliptic curve based systems
work by analysing the point multiplication algorithm.
Recently Goubin observed that if an
attacker can choose the point $P$ to enter into the point
multiplication algorithm then none of the standard
three randomizations can fully defend against a DPA attack.
In this paper we examine Goubin's attack in more detail and
completely discount its effectiveness when the attacker chooses
a point of finite order;
for the remaining cases we propose a defence based on using
isogenies of small degree.
Translated title of the contribution | An Analysis of Goubin's Refined Power Analysis Attack |
---|---|
Original language | English |
Title of host publication | Cryptographic Hardware and Embedded Systems - CHES 2003 |
Publisher | Springer Berlin Heidelberg |
Pages | 281 - 290 |
Number of pages | 9 |
Volume | 2779 |
Publication status | Published - Sep 2003 |