In The Name of Allah Fault attacks on ECC

1. In The Name of AllahFault attacks on ECC FereshteMozafari ArezooDabaghi

2. FLOW • Introduction • Fault attacks • Differential fault attack & its countermeasure • Sign change fault attack & its countermeasure • References Hardware Security and Trust, CE, SUT

3. Introduction • An EC over Fp (p > 3) satisfy with: Y2 = x3 + ax2 + b (mod p) • In cryptosystems based on EC, a crucial computation is the scalar multiplication of a public base point P with a secret scalar factor k. Q = kP • Attacks aim to recover the value of k. Hardware Security and Trust, CE, SUT

4. Fault Attacks • Differential Fault Attack(DFA) • Sign Change Fault Attack(SCFA) • M Safe- Error Analysis • C Safe- Error Analysis • Invalid Curve Analysis • Invalid Point Analysis Hardware Security and Trust, CE, SUT

5. Differential fault attack(0) Scalar multiplication Q = k.P P, , p

6. Differential fault attack(1) • Preliminaries • If enforce a fault randomly in a register than can recover secret key in expected polynomial time • binary length of n is k • value stored in variable Qbefore iteration I • e Hardware Security and Trust, CE, SUT

7. Differential fault attack(2) • Method • Run ECSM once and collect the correct result () • Enforce register fault in a register holding the variable Q , in iteration n-m < j < n n-1 j 0 Hardware Security and Trust, CE, SUT

8. Differential fault attack(3) 3. Find the index of the first iteration j’ with j’ > j and =1 n-1 j’ j 0 Hardware Security and Trust, CE, SUT

9. Differential fault attack(4) 4.find candidate for the disturbed Q-value 1. check each i with ( n-m < i < n) as candidate for j’ 2. x = as candidate for the n-i most significant bit of k j n-1 j’=i 0 Hardware Security and Trust, CE, SUT

10. Differential fault attack(4) 4.find candidate for the disturbed Q-value j n-1 j’=i 0 . .P)’ = - . .P Hardware Security and Trust, CE, SUT

11. Differential fault attack(5) 5. For each choice of x and i we consider all disturbed Q- values () with can derive from by flipping one bit. 6. calculate by : Hardware Security and Trust, CE, SUT

12. Differential fault attack(6) 7. if is identical by of device • i as a candidate for j’ • as a candidate for • binary representation of x as a candidate for upper n-j’ of k Hardware Security and Trust, CE, SUT

13. Countermeasure for DFA • intermediate results (Qi , Hi)should be regularly checked • randomize the scalar k Hardware Security and Trust, CE, SUT

14. SCFA on ECC(1) • Over NAF-based left-to-right doubling algorithm Hardware Security and Trust, CE, SUT

15. SCFA on ECC(2) • Basic idea: recover the bits of k in pieces of 1 ≤ r ≤ m bits • A SCF changes the sign of y-coordinate of an attacked point Q  Qf Hardware Security and Trust, CE, SUT

16. SCFA on ECC(3) • the only unknown part is Li (k) • This allows to recover bits of k starting from the LSB + - Hardware Security and Trust, CE, SUT

17. Injection of SCF on Qi ‘(1) • Input: access to algorithm1 n the length of private key, k > 0 in NAF Q = kP, m a parameter for acceptable amount of offline work • Output: k with probability at least 1/2 • #Step1: Collect faulty output collect the set S by including SCF on Qi’ Hardware Security and Trust, CE, SUT

18. Injection of SCF on Qi‘(2) • #step2: Inductive Retrieval of Secret Key Bits 1. Set s := -1 2. While(s < n-1) do 3.Set 4. For all lengths of r = 1,2,…,m do 5. For all valid NAF-patterns x = (xs+1,xs+2,…,xs+r) do S+1 LSBs of k are known Compute known LSB part Try all possible bit pattern with length r Hardware Security and Trust, CE, SUT

19. Injection of SCF on Qi‘(3) 6. Set 7. For all do 8. If then 9. conclude ks+1 = xs+1, ks+2 = xs+2,…, ks+r= xs+r , set s := s + r Compute test condidateTx Verify Tx Hardware Security and Trust, CE, SUT

20. Injection of SCF on Qi‘(4) 10. If no test candidate satisfies the verification step,then assume that ks+1 = 0, set s := s + 1 11. continue at Line 2 12. Verify Q = kP If this fails then output ”failure” 13. Output “k” Hardware Security and Trust, CE, SUT

21. Countermeasure for SCFA(1) • Uses a second elliptic curve whose order is a small prime number(t) to verify the final results E = Ep:= E( Fp ) Et:= E( Ft ) Eptis defined with parameters Aptand Bpt Apt≡ Apmod p, Apt≡ At mod t Bpt≡ Bpmod p, Bpt≡ Btmod t Qpt = k Ppt Hardware Security and Trust, CE, SUT

22. Countermeasure for SCFA(2) • Attacks in Line 4 cannot yield a faulty output Hardware Security and Trust, CE, SUT

23. References 1. J. Blomer, M. Otto, J. Seifert“Sign Change Fault Attacks On Elliptic Curve Cryptosystems,” Fault Diagnousis and Tolerance iv Cryptograghy , pp. 36-52, 2006. 2. J. Fan, I. Verbouwhede, “An Updated Survey on Secure ECC Implementations: Attacks, Countermeasures and Cost,” Cryptography and Security, pp. 265-282, 2012. 3. J. Fan, X. Gue, E. Mulder, “State-of-the-art of secure ECC implementations: a survey on known side-channel attacks and countermeasures,” International Symposium on Hardware-Oriented Security and Trust , pp. 165-171, 2010. 4. I. Biehel, B. Meyer, V. Muller, "Diferential Fault Attacks on Elliptic Curve Cryptosystems," Advance in Cryptography, pp. 131-141, 2000. 5. B. Johannes, O. Martin, S. Jean-Pierre, ‘Sign Change Fault Attacks on Elliptic Curve Cryptosystems” Hardware Security and Trust, CE, SUT

24. When that you think every thing is hidden and no one can see within , remember my friend , God can