Detailed Information

Cited 0 time in webofscience Cited 0 time in scopus
Metadata Downloads

Novel key recovery attack on secure ecdsa implementation by exploiting collisions between unknown entries

Authors
Jin, S.Lee, S.Cho, S.M.Kim, H.Hong, S.
Issue Date
2021
Publisher
Ruhr-University of Bochum
Keywords
Collision attack; Digital signature; ECDSA; Public-key cryptography; Scalar multiplication; Side-channel analysis
Citation
IACR Transactions on Cryptographic Hardware and Embedded Systems, v.2021, no.4, pp 1 - 26
Pages
26
Indexed
SCOPUS
Journal Title
IACR Transactions on Cryptographic Hardware and Embedded Systems
Volume
2021
Number
4
Start Page
1
End Page
26
URI
https://scholar.korea.ac.kr/handle/2021.sw.korea/138459
DOI
10.46586/tches.v2021.i4.1-26
ISSN
2569-2925
Abstract
In this paper, we propose a novel key recovery attack against secure ECDSA signature generation employing regular table-based scalar multiplication. Our attack exploits novel leakage, denoted by collision information, which can be constructed by iteratively determining whether two entries loaded from the table are the same or not through side-channel collision analysis. Without knowing the actual value of the table entries, an adversary can recover the private key of ECDSA by finding the condition for which several nonces are linearly dependent by exploiting only the collision information. We show that this condition can be satisfied practically with a reasonable number of digital signatures and corresponding traces. Furthermore, we also show that all entries in the pre-computation table can be recovered using the recovered private key and a sufficient number of digital signatures based on the collision information. As case studies, we find that fixed-base comb and T_SM scalar multiplication are vulnerable to our attack. Finally, we verify that our attack is a real threat by conducting an experiment with power consumption traces acquired during T_SM scalar multiplication operations on an ARM Cortex-M based microcontroller. We also provide the details for validation process. © 2021, Ruhr-University of Bochum. All rights reserved.
Files in This Item
There are no files associated with this item.
Appears in
Collections
Graduate School > Department of Cyber Security > 1. Journal Articles

qrcode

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.

Related Researcher

Researcher Kim, HeeSeok photo

Kim, HeeSeok
Graduate School (Department of Cyber Security)
Read more

Altmetrics

Total Views & Downloads

BROWSE