Schindler and Itoh proposed a side-channel attack on implementations of the double-and-add algorithm with blinded exponents, where dummy additions can be detected with errors. Here this approach is generalized to partial information leakage: if window methods are used, several different types of additions occur. If the attacker can only discriminate between some types of additions, but not between all types, the so-called basic version of the attack is still feasible, and the attacker can correct her guessing errors and find out the secret scalar. Sometimes generalized Schindler-Itoh methods can reveal even more bits than leak through SPA. In fact, this makes an attack on a 2-bit window algorithm feasible for a 32-bit randomization, where the attacker can distinguish between additions of different values with error rates up to 0.15, but cannot detect dummy additions. A barrier to applying the so-called enhanced version to partial information leakage is described. © 2012 Springer-Verlag.
CITATION STYLE
Krüger, A. (2012). The Schindler-Itoh-attack in case of partial information leakage. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7275 LNCS, pp. 199–214). https://doi.org/10.1007/978-3-642-29912-4_15