Combined Implementation Attack Resistant Exponentiation

Jörn-Marc Schmidt, Michael Tunstall, Roberto Maria Avanzi, Ilya Kizhvatov, Timo Kasper, David Oswald

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

12 Citations (Scopus)


Different types of implementation attacks, like those based on side channel leakage and active fault injection, are often considered as separate threats. Countermeasures are, therefore, often developed and implemented accordingly. However, Amiel et al. showed that an adversary can successfully combine two attack methods to overcome such countermeasures. In this paper, we consider instances of these combined attacks applied to RSA and elliptic curve-based cryptosystems. We show how previously proposed countermeasures may fail to thwart these attacks, and propose a countermeasure that protects the variables in a generic exponentiation algorithm in the same scenario.
Translated title of the contributionCombined Implementation Attack Resistant Exponentiation
Original languageEnglish
Title of host publicationLatincrypt 2010
PublisherSpringer Berlin Heidelberg
Publication statusPublished - 2010

Bibliographical note

Other page information: 305-322
Conference Proceedings/Title of Journal: Latincrypt 2010
Other identifier: 2001249


Dive into the research topics of 'Combined Implementation Attack Resistant Exponentiation'. Together they form a unique fingerprint.

Cite this