TY - JOUR
T1 - An efficient DPA countermeasure with randomized montgomery operations for DF-ECC processor
AU - Lee, Jen Wei
AU - Hsiao, Ju Hung
AU - Chang, Hsie-Chia
AU - Lee, Chen-Yi
PY - 2012/5/1
Y1 - 2012/5/1
N2 - Nowadays, differential power-analysis (DPA) attacks are a serious threat for cryptographic systems due to the inherent existence of data-dependent power consumption. Hiding power consumption of encryption circuit or applying key-blinded techniques can increase the security against DPA attacks, but they result in a large overhead for hardware cost, execution time, and energy dissipation. In this brief, a new DPA countermeasure performing all field operations in a randomized Montgomery domain is proposed to eliminate the correlation between target and reference power traces. After implemented in 90-nm CMOS process, our protected 521-bit dual-field elliptic curve (EC) cryptographic processor can perform one EC scalar multiplication in 8.08 ms over GF(p521) and 4.65 ms over GF(2 409), respectively, with 4.3% area and 5.2% power overhead. Experiments from a field-programmable gate array evaluation board demonstrate that the private key of unprotected device will be revealed within 10 3 power traces, whereas the same attacks on our proposal cannot successfully extract the key value even after 10 6 measurements.
AB - Nowadays, differential power-analysis (DPA) attacks are a serious threat for cryptographic systems due to the inherent existence of data-dependent power consumption. Hiding power consumption of encryption circuit or applying key-blinded techniques can increase the security against DPA attacks, but they result in a large overhead for hardware cost, execution time, and energy dissipation. In this brief, a new DPA countermeasure performing all field operations in a randomized Montgomery domain is proposed to eliminate the correlation between target and reference power traces. After implemented in 90-nm CMOS process, our protected 521-bit dual-field elliptic curve (EC) cryptographic processor can perform one EC scalar multiplication in 8.08 ms over GF(p521) and 4.65 ms over GF(2 409), respectively, with 4.3% area and 5.2% power overhead. Experiments from a field-programmable gate array evaluation board demonstrate that the private key of unprotected device will be revealed within 10 3 power traces, whereas the same attacks on our proposal cannot successfully extract the key value even after 10 6 measurements.
KW - Dual fields
KW - elliptic curve (EC) cryptography (ECC)
KW - power-analysis attacks
KW - security system
UR - http://www.scopus.com/inward/record.url?scp=84861194602&partnerID=8YFLogxK
U2 - 10.1109/TCSII.2012.2190857
DO - 10.1109/TCSII.2012.2190857
M3 - Article
AN - SCOPUS:84861194602
VL - 59
SP - 287
EP - 291
JO - IEEE Transactions on Circuits and Systems I: Regular Papers
JF - IEEE Transactions on Circuits and Systems I: Regular Papers
SN - 1549-8328
IS - 5
M1 - 6187713
ER -