Přehled o publikaci
2023
SoK: SCA-secure ECC in software – mission impossible?
BATINA, Lejla; Lukasz Michal CHMIELEWSKI; Björn HAASE; Niels SAMWEL; Peter SCHWABE et al.Basic information
Original name
SoK: SCA-secure ECC in software – mission impossible?
Authors
BATINA, Lejla; Lukasz Michal CHMIELEWSKI; Björn HAASE; Niels SAMWEL and Peter SCHWABE
Edition
Germany, IACR Transactions on Cryptographic Hardware and Embedded Systems, Volume 2023, Issue 1, p. 557-589, 33 pp. 2023
Publisher
Ruhr-University of Bochum
Other information
Language
English
Type of outcome
Proceedings paper
Country of publisher
Germany
Confidentiality degree
is not subject to a state or trade secret
Publication form
electronic version available online
Marked to be transferred to RIV
No
Organization
Fakulta informatiky – Repository – Repository
ISSN
EID Scopus
Keywords in English
Elliptic Curve Cryptography; Side-Channel Analysis; Fault Injection
Changed: 16/5/2024 04:14, RNDr. Daniel Jakubík
Abstract
In the original language
This paper describes an ECC implementation computing the X25519 keyexchange protocol on the Arm Cortex-M4 microcontroller. For providing protections against various side-channel and fault attacks we first review known attacks and countermeasures, then we provide software implementations that come with extensive mitigations, and finally we present a preliminary side-channel evaluation. To our best knowledge, this is the first public software claiming affordable protection against multiple classes of attacks that are motivated by distinct real-world application scenarios. We distinguish between X25519 with ephemeral keys and X25519 with static keys and show that the overhead to our baseline unprotected implementation is about 37% and 243%, respectively. While this might seem to be a high price to pay for security, we also show that even our (most protected) static implementation is at least as efficient as widely-deployed ECC cryptographic libraries, which offer much less protection.
