An efficient DPA countermeasure with randomized montgomery operations for DF-ECC processor

Jen Wei Lee*, Ju Hung Hsiao, Hsie-Chia Chang, Chen-Yi Lee

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

23 Scopus citations


Nowadays, differential power-analysis (DPA) attacks are a serious threat for cryptographic systems due to the inherent existence of data-dependent power consumption. Hiding power consumption of encryption circuit or applying key-blinded techniques can increase the security against DPA attacks, but they result in a large overhead for hardware cost, execution time, and energy dissipation. In this brief, a new DPA countermeasure performing all field operations in a randomized Montgomery domain is proposed to eliminate the correlation between target and reference power traces. After implemented in 90-nm CMOS process, our protected 521-bit dual-field elliptic curve (EC) cryptographic processor can perform one EC scalar multiplication in 8.08 ms over GF(p521) and 4.65 ms over GF(2 409), respectively, with 4.3% area and 5.2% power overhead. Experiments from a field-programmable gate array evaluation board demonstrate that the private key of unprotected device will be revealed within 10 3 power traces, whereas the same attacks on our proposal cannot successfully extract the key value even after 10 6 measurements.

Original languageEnglish
Article number6187713
Pages (from-to)287-291
Number of pages5
JournalIEEE Transactions on Circuits and Systems I: Regular Papers
Issue number5
StatePublished - 1 May 2012


  • Dual fields
  • elliptic curve (EC) cryptography (ECC)
  • power-analysis attacks
  • security system

Fingerprint Dive into the research topics of 'An efficient DPA countermeasure with randomized montgomery operations for DF-ECC processor'. Together they form a unique fingerprint.

Cite this