• DocumentCode
    235004
  • Title

    A Novel Template Attack on wNAF Algorithm of ECC

  • Author

    Zhenbin Zhang ; Liji Wu ; Zhaoli Mu ; Xiangmin Zhang

  • Author_Institution
    Inst. of Microelectron., Tsinghua Univ., Beijing, China
  • fYear
    2014
  • fDate
    15-16 Nov. 2014
  • Firstpage
    671
  • Lastpage
    675
  • Abstract
    Template attack is more powerful than SPA and CPA in some situations. In this paper, a novel template attack named DTTA is proposed to attack the wNAF algorithm of ECC. SM2 is the Chinese public key cryptosystem standard issued in 2010. Few results of side channel attacks on SM2 have been found so far. We exploit the Riscure platform to analyze decryption of SM2 in a smart IC card. We also compare 3 kinds of methods which are used in the template matching phase. Experimental results show that the template matching method of multivariate normal distribution is superior to the correlation method or LSM. The maximum success rate of template matching can be 88%. That means 225 bits of a 256-bit private key of SM2 can be recovered on average by acquiring only one measurement of SM2 decryption. Some general countermeasures are not safe enough against DTTA. Defensive strategy should exploit the combination of multiple countermeasures to resist DTTA.
  • Keywords
    public key cryptography; CPA; Chinese public key cryptosystem standard; DTTA; ECC; Riscure platform; SPA; multiple countermeasures; multivariate normal distribution; private key; side channel attack; smart IC card; template attack; template matching method; template matching phase; wNAF algorithm; Algorithm design and analysis; Buildings; Correlation; Elliptic curve cryptography; Gaussian distribution; Power demand; SM2; power analysis; public key decryption; scalar multiplication; template attack; wNAF;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computational Intelligence and Security (CIS), 2014 Tenth International Conference on
  • Conference_Location
    Kunming
  • Print_ISBN
    978-1-4799-7433-7
  • Type

    conf

  • DOI
    10.1109/CIS.2014.66
  • Filename
    7016981