Preventing Distinguishability between Multiplication and Squaring Operations
For cryptographers and hardware designers of elliptic curve cryptosystems, the paper addresses a side-channel vulnerability that persists even with atomic patterns, offering practical countermeasures.
The paper identifies a vulnerability in elliptic curve scalar multiplication where multiplication and squaring operations can be distinguished via side-channel analysis due to energy consumption differences. It proposes and analyzes two mitigation techniques (data redirection and bus reloading) to prevent this distinguishability.
Scalar multiplication kP is a critical operation in Elliptic Curve Cryptosystems (ECC), often targeted by Side-Channel Analysis (SCA). Despite strategies based on atomic patterns to enhance security, the binary kP algorithms remain susceptible to simple SCA due to energy consumption variations in field multipliers during passing two different or two identical operands. This vulnerability arises independent of the multiplication method used. We implemented and analysed two mitigation techniques: one involving data redirection and another focusing on bus reloading.