Abstract— The Montgomery ladder method is known as an efficient elliptic curve scalar multiplication algorithm, inherently resistant to simple side channel attacks as well as to some fault attacks. In FDTC 08, Fouque et al [5] has been presented an fault attack based on twist of the elliptic curve on the Montgomery ladder over prime fields, without using the - coordinate, in the presence of a point validation countermeasure. In this paper, we demonstrate the related order formula of between the original elliptic curve and its twist curve; then we solve a small problem: solving the discrete logarithm problem (DLP) in twist curve can easily transfer to solve DLP in the original elliptic curve , get a secret key. Finally we propose some security criterions to thwart twist curve based fault attack.
Tài liệu tham khảo [1]. I. BIEHL, B. MEYER and V. MÜLLER, “Differential fault attacks on elliptic curve cryptosystems, Advances in Cryptology” CRYPTO 2000, Springer, pp. 131-146, 2000. [2]. I. F. BLAKE, G. SEROUSSI and N. SMART, “Elliptic curves in cryptography”, Cambridge university press, 1999. [3]. D. BONEH, R. A. DEMILLO and R. J. LIPTON, “On the importance of eliminating errors in cryptographic computations”, Journal of cryptology 14, pp. 101-119, 2001. [4]. E. BRIER and M. JOYE, “Weierstraß elliptic curves and side-channel attacks, Public Key Cryptography”, Springer, pp. 335-345, 2002. [5]. P.-A. FOUQUE, R. LERCIER, D. RÉAL and F. VALETTE, “Fault attack on elliptic curve Montgomery ladder implementation, Fault Diagnosis and Tolerance in Cryptography”, 2008. FDTC'08. 5th Workshop on, IEEE, pp. 92-98, 2008. [6]. S. D. GALBRAITH, “Mathematics of public key cryptography”, Cambridge University Press, 2012. [7]. D. HANKERSON, A. J. MENEZES and S. VANSTONE, “Guide to elliptic curve cryptography”, Springer Science & Business Media, 2006. [8]. C. H. LIM and P. J. LEE, “A key recovery attack on discrete log-based schemes using a prime order subgroup, Advances in Cryptology” CRYPTO'97, Springer, pp. 249-263, 1997. [9]. P. L. MONTGOMERY, “Speeding the Pollard and elliptic curve methods of factorization”, Mathematics of computation, 48, pp. 243-264, 1987. [10]. L. C. WASHINGTON, “Elliptic curves: number theory and cryptography”, CRC press, 2008. [11]. S. D. GALBRAITH and J. MCKEE, “The probability that the number of points on an elliptic curve over a finite field is prime”, Journal of the London Mathematical Society, 62, pp. 671-684, 2000. [12]. J.-P. FLORI, J. PLÛT, J.-R. REINHARD and M. EKERA, “Diversity and Transparency for ECC, NIST workshop on ECC Standards”, 2015. [13]. http://safecurves.cr.yp.to/ |