【 摘 要 】

Recently, Page and Vercauteren proposed a fault attack on pairing algorithms and two countermeasures against such an attack. The countermeasure uses either a random scalar or a random point to blind the input points. To defeat the countermeasure using a random point, we utilize the point addition formula on an elliptic curve. As a result, we successfully defeat the countermeasure using a random point.

【 授权许可】

   

【 预 览 】

附件列表

Files	Size	Format	View
20150520120722749.pdf	234KB	PDF	download

【 参考文献 】

• [1]D. Page and F. Vercauteren, "A Fault Attack on Pairing Based Cryptography," IEEE Trans. Comput., vol. 55, no. 9, Sept. 2006, pp. 1075-1080.
• [2]C. Whelan and M. Scott, "The Importance of the Final Exponentiation in Pairings When Considering Fault Attacks," Proc. Pairing, LNCS 4575, 2007, pp. 225-246.
• [3]T. Kim et al., "Power Analysis Attacks and Countermeasures on ηT Pairing over Binary Fields," ETRI J., vol. 30, no. 1, Feb. 2008, pp. 68-80.
• [4]M. Shirase, T. Takagi, and E. Okamoto, "An Efficient Countermeasure against Side Channel Attacks for Pairing Computation," Proc. ISPEC, LNCS 4991, 2008, pp. 290-303.
• [5]I. Duursma and H. Lee, "Tate Pairing Implementation for Hyperelliptic Curves y2 = xp – x + d," Proc. Asiacrypt, LNCS 2894, 2003, pp.111-123.
• [6]S. Kwon, "Efficient Tate Pairing Computation for Elliptic Curves over Binary Fields," Proc. ACISP, LNCS 3574, 2005, pp. 134-145.
• [7]P. Barreto et al., "Efficient Pairing Computation on Supersingular Abelian Varieties," Design, Codes and Cryptography, vol. 42, no. 3, Feb. 2007, pp. 239-271.
• [8]P. Barreto et al., "Efficient Algorithms for Pairing-Based Cryptosystems," Proc. CRYPTO, LNCS 2442, 2002, pp. 354-369.
• [9]S. Lang, Algebra, rev. 3rd ed., vol. 211, Graduate Texts in Mathematics, New York, N.Y.: Springer-Verlag, 2002.
• [10]S. Ghosh, D. Mukhopadhyay, and D. Chowdhury, "Fault Attack and Countermeasures on Pairing-Based Cryptography," Int. J. Netw. Security, vol. 12, no. 1, Jan. 2011, pp. 21-28.