CA2243761A1 - Timing attack resistant cryptographic system - Google Patents
- Publication number: CA2243761A1
- Authority: CA (Canada)
- Prior art keywords: group; intermediate element; replacing; cryptographic system; bits
- Prior art date
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F9/00—Arrangements for program control, e.g. control units
        - G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
          - G06F9/30—Arrangements for executing machine instructions, e.g. instruction decode
            - G06F9/30003—Arrangements for executing specific machine instructions
              - G06F9/3005—Arrangements for executing specific machine instructions to perform operations for flow control
                - G06F9/30058—Conditional branch instructions
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
        - G06F7/60—Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
          - G06F7/72—Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
            - G06F7/724—Finite field arithmetic
              - G06F7/725—Finite field arithmetic over elliptic curves
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
        - H04L9/002—Countermeasures against attacks on cryptographic mechanisms
          - H04L9/005—Countermeasures against attacks on cryptographic mechanisms for timing attacks
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
        - H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
          - H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
        - G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
          - G06F2207/7219—Countermeasures against side channel or fault attacks
            - G06F2207/7261—Uniform execution, e.g. avoiding jumps, or using formulae with the same power profile
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
        - G06F7/38—Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
          - G06F7/48—Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state device; using unspecified devices
            - G06F7/4824—Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state device; using unspecified devices using signed-digit representation
Abstract
A method for determining the result of a group operation performed an integral number of times on a selected element of the group comprises the steps of: representing the integral number as a binary vector; initializing an intermediate element to the group identity element; and selecting successive bits of the vector, beginning with the left-most bit. For each selected bit: the group operation is performed on the intermediate element to derive a new intermediate element, which replaces the intermediate element; the group operation is then performed on the intermediate element and a second element, which is the group element if the selected bit is a one and the inverse of the group element if the selected bit is a zero, and the result again replaces the intermediate element. In a final step, if the last selected bit is a zero, the group operation is performed on the intermediate element and the inverse element, and the intermediate element is replaced with the result, giving the desired result. Each bit of the integral number is thereby processed with substantially equal operations, which minimizes timing attacks on the cryptographic system.
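The abstract's per-bit loop worked through in Python, as an added example that is not part of the patent: exponentiation in the multiplicative group modulo a prime, with the textbook square-and-multiply beside it so that the operation counts of the two can be compared. The modulus P and the base values are constructed sample inputs, and the transformation of k to k' = (k + 2^n - 1)/2 that makes the literal loop produce g^k is this example's own reading of how the loop must be driven, not a step the abstract states.

```python
# Added example (not the patent's own code): the abstract's per-bit
# "double, then combine with the element or its inverse" loop, carried out in
# the multiplicative group of integers modulo a prime: the group operation on
# the intermediate element is squaring, the group element is g and the
# inverse element is g^-1 mod p, so the result is g^k mod p.

P = 2**31 - 1   # constructed sample modulus: a Mersenne prime, so Z_p* is a group


def naive_square_and_multiply(g, k, p):
    """Textbook left-to-right exponentiation.  Returns (g^k mod p, ops), where
    ops counts modular multiplications; it grows with the number of one bits
    in k, which is exactly the data dependence a timing attack exploits."""
    q, ops = 1, 0
    for bit in format(k, "b"):
        q, ops = q * q % p, ops + 1            # one squaring per bit
        if bit == "1":                         # extra multiply only on a one bit
            q, ops = q * g % p, ops + 1
    return q, ops


def uniform_exponentiate(g, k, p):
    """Abstract's loop: every bit costs one squaring plus one multiplication,
    by g for a one bit and by g^-1 for a zero bit.  Taken literally on bits
    b_i of an n-bit vector this yields g^(sum (2*b_i - 1) * 2^i), so to get
    g^k the loop here runs on the bits of k' = (k + 2^n - 1) / 2, an integer
    for odd k.  That k' transformation is this example's own reading, not
    text from the abstract; even k is handled by the abstract's final step,
    one multiplication by the inverse element."""
    if k <= 0:
        raise ValueError("k must be a positive integer")
    g_inv = pow(g, p - 2, p)                   # inverse element (Fermat, p prime)
    k_odd = k | 1                              # k itself if odd, else k + 1
    n = k_odd.bit_length()
    k_prime = (k_odd + (1 << n) - 1) >> 1      # always exactly n bits wide
    operand = (g_inv, g)                       # indexed by the bit, no branch
    q, ops = 1, 0
    for bit in format(k_prime, f"0{n}b"):      # left-most bit first
        q = q * q % p                          # group operation on intermediate
        q = q * operand[int(bit)] % p          # g for a one, g^-1 for a zero
        ops += 2                               # identical cost for either bit
    if k % 2 == 0:                             # final step: last bit of k was zero
        q = q * g_inv % p                      # the only data-dependent step; it
        ops += 1                               # reveals no more than k's parity
    return q, ops


def timing_profile(g, p, bit_width):
    """Operation counts over every odd exponent of the given width: the naive
    counts vary with the key, the uniform count does not."""
    ks = range((1 << (bit_width - 1)) + 1, 1 << bit_width, 2)
    naive = {naive_square_and_multiply(g, k, p)[1] for k in ks}
    uniform = {uniform_exponentiate(g, k, p)[1] for k in ks}
    return sorted(naive), sorted(uniform)
```

In a real implementation the operand selection and the modular arithmetic must themselves be constant time; Python's big integers are not, so the example shows the operation-count argument only.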
Priority Applications (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA002243761A CA2243761C (en) | 1998-07-21 | 1998-07-21 | Timing attack resistant cryptographic system |
AT99932571T ATE460027T1 (en) | 1998-07-21 | 1999-07-21 | TACT ATTACK RESISTANT CRYPTOGRAPHIC SYSTEM |
EP99932571A EP1097541B1 (en) | 1998-07-21 | 1999-07-21 | Timing attack resistant cryptographic system |
JP2000561725A JP4699610B2 (en) | 1998-07-21 | 1999-07-21 | Anti-timing encryption system |
PCT/CA1999/000658 WO2000005837A1 (en) | 1998-07-21 | 1999-07-21 | Timing attack resistant cryptographic system |
DE69942094T DE69942094D1 (en) | 1998-07-21 | 1999-07-21 | CLAIM-ATTACKING CRYPTOGRAPHIC SYSTEM |
AU48917/99A AU4891799A (en) | 1998-07-21 | 1999-07-21 | Timing attack resistant cryptographic system |
US09/761,700 US7020281B2 (en) | 1998-07-21 | 2001-01-18 | Timing attack resistant cryptographic system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CA002243761A CA2243761C (en) | 1998-07-21 | 1998-07-21 | Timing attack resistant cryptographic system |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2243761A1 true CA2243761A1 (en) | 2000-01-21 |
CA2243761C CA2243761C (en) | 2009-10-06 |
Family ID: 4162681
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002243761A Expired - Lifetime CA2243761C (en) | 1998-07-21 | 1998-07-21 | Timing attack resistant cryptographic system |
Country Status (8)
Country | Link |
---|---|
US (1) | US7020281B2 (en) |
EP (1) | EP1097541B1 (en) |
JP (1) | JP4699610B2 (en) |
AT (1) | ATE460027T1 (en) |
AU (1) | AU4891799A (en) |
CA (1) | CA2243761C (en) |
DE (1) | DE69942094D1 (en) |
WO (1) | WO2000005837A1 (en) |
Families Citing this family (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2252078C (en) * | 1998-10-28 | 2009-02-17 | Certicom Corp. | Power signature attack resistant cryptographic system |
US6948065B2 (en) * | 2000-12-27 | 2005-09-20 | Intel Corporation | Platform and method for securely transmitting an authorization secret |
DE10122504A1 (en) * | 2001-05-10 | 2003-01-02 | Giesecke & Devrient Gmbh | Calculation of a multiple of a group element for cryptographic purposes |
US7233663B2 (en) * | 2001-10-29 | 2007-06-19 | Safenet, Inc. | Key generation performance improvement |
FR2838210B1 (en) * | 2002-04-03 | 2005-11-04 | Gemplus Card Int | CRYPTOGRAPHIC METHOD PROTECTED FROM CACHE-CHANNEL TYPE ATTACKS |
DE10254658A1 (en) * | 2002-11-22 | 2004-06-03 | Philips Intellectual Property & Standards Gmbh | Microcontroller and associated method for processing the programming of the microcontroller |
US7555122B2 (en) | 2002-12-04 | 2009-06-30 | Wired Communications LLC | Method for elliptic curve point multiplication |
GB2406943B (en) * | 2002-12-12 | 2005-10-05 | Advanced Risc Mach Ltd | Processing activity masking in a data processing system |
US7302056B2 (en) * | 2003-06-30 | 2007-11-27 | Lucent Technologies Inc. | Method and system for determining sequence parameters to limit cycle attacks in timed release cryptography |
JP2009532973A (en) * | 2006-04-06 | 2009-09-10 | エヌエックスピー ビー ヴィ | Secure decryption method |
KR100867989B1 (en) * | 2006-12-06 | 2008-11-10 | 한국전자통신연구원 | SPA-resistant Left-to-Right Recoding and Unified Scalar Multiplication Methods |
US7991162B2 (en) * | 2007-09-14 | 2011-08-02 | University Of Ottawa | Accelerating scalar multiplication on elliptic curve cryptosystems over prime fields |
FR2946819B1 (en) * | 2009-06-16 | 2011-07-01 | Sagem Securite | CRYPTOGRAPHY ON AN ELLIPTICAL CURVE. |
US20140314229A1 (en) | 2011-12-09 | 2014-10-23 | Morpho | Cryptography on a simplified elliptical curve |
FR2946818B1 (en) * | 2009-06-16 | 2011-07-01 | Sagem Securite | CRYPTOGRAPHY ON A SIMPLIFIED ELLIPTICAL CURVE. |
US20170207918A1 (en) | 2009-06-16 | 2017-07-20 | Morpho | Cryptography on an elliptical curve |
ES2599986T3 (en) | 2009-08-11 | 2017-02-06 | Curna, Inc. | Treatment of adiponectin-related diseases (ADIPOQ) by inhibiting a natural antisense transcript of an adiponectin (ADIPOQ) |
GB2479871A (en) * | 2010-04-26 | 2011-11-02 | David Coyne | System for preventing side channel attacks on a synchronous logic device. |
US8635467B2 (en) | 2011-10-27 | 2014-01-21 | Certicom Corp. | Integrated circuit with logic circuitry and multiple concealing circuits |
US8334705B1 (en) | 2011-10-27 | 2012-12-18 | Certicom Corp. | Analog circuitry to conceal activity of logic circuitry |
US9239926B2 (en) | 2012-06-29 | 2016-01-19 | International Business Machines Corporation | Static analysis for discovery of timing attack vulnerabilities in a computer software application |
US9979543B2 (en) | 2013-12-23 | 2018-05-22 | Nxp B.V. | Optimized hardware architecture and method for ECC point doubling using jacobian coordinates over short weierstrass curves |
US9929862B2 (en) | 2013-12-23 | 2018-03-27 | Nxp B.V. | Optimized hardware architecture and method for ECC point doubling using Jacobian coordinates over short Weierstrass curves |
US9900154B2 (en) * | 2013-12-23 | 2018-02-20 | Nxp B.V. | Optimized hardward architecture and method for ECC point addition using mixed affine-jacobian coordinates over short weierstrass curves |
FR3015726B1 (en) * | 2013-12-24 | 2016-01-08 | Morpho | SECURE COMPARATIVE PROCESSING METHOD |
WO2022271163A1 (en) * | 2021-06-23 | 2022-12-29 | Pqsecure Technologies, Llc | Computer processing architecture and method for supporting multiple public-key cryptosystems based on exponentiation |
CN116647318A (en) * | 2022-02-16 | 2023-08-25 | 瑞昱半导体股份有限公司 | Method for defending time attack of cipher system and cipher system processing circuit |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5197024A (en) * | 1989-06-14 | 1993-03-23 | Pickett Lester C | Method and apparatus for exponential/logarithmic computation |
US5600324A (en) * | 1992-05-11 | 1997-02-04 | Rockwell International Corporation | Keyless entry system using a rolling code |
DE69326072T2 (en) * | 1993-11-02 | 1999-12-23 | Bull Sa | Procedure for testing a sequential finite state machine |
US5504817A (en) * | 1994-05-09 | 1996-04-02 | Yeda Research And Development Co. Ltd. At The Weizmann Institute Of Science | Method and apparatus for memory efficient variants of public key encryption and identification schemes for smart card applications |
US5553012A (en) * | 1995-03-10 | 1996-09-03 | Motorola, Inc. | Exponentiation circuit utilizing shift means and method of using same |
US5623527A (en) * | 1996-01-30 | 1997-04-22 | Hewlett-Packard Company | Method and apparatus for determining an integer power of a floating point number |
GB9713138D0 (en) * | 1997-06-20 | 1997-08-27 | Certicom Corp | Accelerated finite field operations on an elliptic curve |
CA2228493C (en) * | 1997-02-03 | 2005-05-03 | Nippon Telegraph And Telephone Corporation | Scheme for carrying out modular calculations based on redundant binary calculation |
US5991415A (en) * | 1997-05-12 | 1999-11-23 | Yeda Research And Development Co. Ltd. At The Weizmann Institute Of Science | Method and apparatus for protecting public key schemes from timing and fault attacks |
US5987131A (en) * | 1997-08-18 | 1999-11-16 | Picturetel Corporation | Cryptographic key exchange using pre-computation |
EP0938790B1 (en) * | 1997-09-16 | 2007-02-07 | Koninklijke Philips Electronics N.V. | A method and device for executing a decrypting mechanism through calculating a standardized modular exponentiation for thwarting timing attacks |
JP4462511B2 (en) * | 1997-10-10 | 2010-05-12 | サーティコム コーポレーション | Session parameter generation method for Elgamal-like protocol |
WO1999035782A1 (en) * | 1998-01-02 | 1999-07-15 | Cryptography Research, Inc. | Leak-resistant cryptographic method and apparatus |
US6041122A (en) * | 1998-02-27 | 2000-03-21 | Intel Corporation | Method and apparatus for hiding crytographic keys utilizing autocorrelation timing encoding and computation |
DE69905145T2 (en) * | 1998-03-25 | 2003-06-05 | Certicom Corp | ACCELERATED LIMITED FIELD OPERATIONS ON AN ELLIPTIC CURVE |
ATE418099T1 (en) * | 1998-06-03 | 2009-01-15 | Cryptography Res Inc | SECURED MODULAR POTENTIATION WITH LEAK MINIMIZATION FOR CHIP CARDS AND OTHER CRYPTO SYSTEMS |
WO1999063696A1 (en) * | 1998-06-03 | 1999-12-09 | Cryptography Research, Inc. | Using unpredictable information to minimize leakage from smartcards and other cryptosystems |
DE69935913T2 (en) * | 1998-07-02 | 2008-01-10 | Cryptography Research Inc., San Francisco | LACK RESISTANT UPGRADE OF AN INDEXED CRYPTOGRAPHIC KEY |
1998
- 1998-07-21 CA CA002243761A patent/CA2243761C/en not_active Expired - Lifetime
1999
- 1999-07-21 EP EP99932571A patent/EP1097541B1/en not_active Expired - Lifetime
- 1999-07-21 DE DE69942094T patent/DE69942094D1/en not_active Expired - Lifetime
- 1999-07-21 AT AT99932571T patent/ATE460027T1/en not_active IP Right Cessation
- 1999-07-21 WO PCT/CA1999/000658 patent/WO2000005837A1/en active Application Filing
- 1999-07-21 AU AU48917/99A patent/AU4891799A/en not_active Abandoned
- 1999-07-21 JP JP2000561725A patent/JP4699610B2/en not_active Expired - Lifetime
2001
- 2001-01-18 US US09/761,700 patent/US7020281B2/en not_active Expired - Lifetime
Also Published As
Publication number | Publication date |
---|---|
JP4699610B2 (en) | 2011-06-15 |
DE69942094D1 (en) | 2010-04-15 |
WO2000005837A1 (en) | 2000-02-03 |
US20010033655A1 (en) | 2001-10-25 |
CA2243761C (en) | 2009-10-06 |
ATE460027T1 (en) | 2010-03-15 |
JP2002521724A (en) | 2002-07-16 |
EP1097541A1 (en) | 2001-05-09 |
AU4891799A (en) | 2000-02-14 |
EP1097541B1 (en) | 2010-03-03 |
US7020281B2 (en) | 2006-03-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2243761A1 (en) | Timing attack resistant cryptographic system | |
KR960013027A (en) | Fast blind equalization method of adaptive equalizer | |
Coron et al. | On boolean and arithmetic masking against differential power analysis | |
CA2252078A1 (en) | Power signature attack resistant cryptographic system | |
EP0792043A3 (en) | Method of sharing cryptokey | |
CA2162361A1 (en) | Antisense oligonucleotides which combat aberrant splicing and methods of using the same | |
WO2004013777B1 (en) | System and method of parallel pattern matching | |
EP0862143A3 (en) | Method and arrangement for generating and checking a security imprint | |
CA2249979A1 (en) | Transition controlled balanced encoding scheme | |
WO1999004351A3 (en) | Schema change within a data-base | |
CA2298275A1 (en) | Method for processing network messages | |
CA2186348A1 (en) | Data Level Selection For Multilevel VSB Transmission System | |
WO2004017155A3 (en) | Method of extraction of a secret key | |
WO2004046017A3 (en) | Integer division method against covert channel attacks | |
AU2001284673A1 (en) | Cryptography private key storage and recovery method and apparatus | |
DE59712172D1 (en) | METHOD FOR OPTIMIZED TRANSMISSION OF ATM CELLS OVER CONNECTION SECTIONS | |
CA2350751A1 (en) | Mitigating errors in a distributed speech recognition process | |
EP0994424A3 (en) | High speed prime numbers calculation | |
AU2003292338A1 (en) | Molecular identification of bacteria of genus Streptococcus and related genuses | |
EP0953928A3 (en) | Data-driven process generator | |
WO2002011359A3 (en) | Method of encryption | |
EP0939374A3 (en) | Processor for information processing equipment and control method | |
PL342036A1 (en) | Method of cryptographically converting binary data blocks | |
Füredi | The order dimension of two levels of the Boolean lattice | |
AU2002214511A1 (en) | Methods and systems for accumulating metrics generated by a sequence estimation algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| EEER | Examination request | |
| MKEX | Expiry | Effective date: 20180723 |