Breaking the Liardet-Smart Randomized Exponentiation Algorithm
In smartcard encryption and signature applications, randomised algorithms are used to increase tamper resistance against attacks based on side channel leakage. Recently several such algorithms have appeared which are suitable for RSA exponentiation and/or ECC point multiplication. We show that under certain apparently reasonable hypotheses about the countermeasures in place and the attacker's monitoring equipment, repeated use of the same secret key with the algorithm of Liardet and Smart is insecure against any side channel which leaks enough data to differentiate between the adds and doubles in a single scalar multiplication. Thus the scalar needs to be blinded in the standard way, or some other suitable counter-measures employed, if the algorithm is to be used safely in such a context.
author = {Colin D. Walter},
title = {Breaking the {Liardet-Smart} Randomized Exponentiation Algorithm},
booktitle = {5th Smart Card Research and Advanced Application Conference (CARDIS 02)},
year = {2002},
address = {San Jose, CA},
url = {https://www.usenix.org/conference/cardis-02/breaking-liardet-smart-randomized-exponentiation-algorithm},
publisher = {USENIX Association},
month = nov
}