Improvement on Ha-Moon randomized exponentiation algorithm

Abstract

Randomized recoding on the exponent of an exponentiation computation into a signed-digit representation has been a well known countermeasure against some side-channel attacks. However, this category of countermeasures can only be applicable to those cryptosystems with fixed parameters on the base integer when evaluating exponentiation or to some classes of cryptosystems such that the inversion is performed only once or can be computed very efficiently. This paper considers the development of novel inversion-free exponentiation algorithms which bijectively map the signed-digit exponent into non-negative digits. These signed-digit based exponentiation algorithms are therefore applicable to cryptosystems with varying base integers, e.g., the RSA cryptosystem. We also propose a left-to-right version of the Ha-Moon recoding and integrate the recoding with the proposed non-inversion technique. The integrated algorithm leads to a more secure countermeasure of implementing exponentiation against side-channel attacks. © Springer-Verlag Berlin Heidelberg 2005.