Enhanced Elliptic Curve Scalar Multiplication Secure Against Side Channel Attacks and Safe Errors

Abstract

Elliptic curve cryptography (ECC) is involved in many secure schemes. Such schemes involve the elliptic curve scalar operation which is particularly security sensitive. Many algorithms of this operation have been proposed including security countermeasures. This paper discusses the security issues of such algorithms when running on a device that can be physically accessed. Leveraging these issues, new simple attack schemes to recover scalar bit information are presented and a new detailed attack based on C safe-error, probability and lattice is described against an Elliptic Curve Digital Signature Algorithm (ECDSA) using the Montgomery ladder algorithm. This new attack shows that Montgomery ladder can be sensitive to C safe-errors under some conditions. Finally, new secure elliptic curve scalar operation algorithms are presented with solutions to the discussed issues and guidance for their secure implementations.