Side-Channel Analysis of Weierstrass and Koblitz Curve ECDSA on Android Smartphones [chapter]

Pierre Belgarric, Pierre-Alain Fouque, Gilles Macario-Rat, Mehdi Tibouchi
2016, Lecture Notes in Computer Science, Springer International Publishing
In this paper, we study the side-channel resistance of the implementation of the ECDSA signature scheme in Android's standard cryptographic library. We show that, for elliptic curves over prime fields, one can recover the secret key very efficiently on smartphones using an electromagnetic side channel and well-known lattice reduction techniques. We experimentally show that elliptic curve operations (doublings and additions) can be distinguished on a multi-core CPU clocked above one gigahertz. We then extend the standard lattice attack on ECDSA over prime fields to binary Koblitz curves. This is the first time that such an attack is described on Koblitz curves. These curves, which are also available in Bouncy Castle, allow very efficient implementations using the Frobenius operation. This leads to signal processing challenges since the number of available points is reduced. We investigate practical side-channels, showing the concrete vulnerability of such implementations. In comparison to previous works targeting smartphones, the attacks presented in the paper benefit from discernible architectural features, like specific instruction computations or memory accesses. An extended abstract appeared in the proceedings of CT-RSA 2016. This is the full version. Sensitive applications are now developed on smartphones and software security vulnerability is an important issue. However, if the cryptographic library is not protected against physical attacks, the secret keys can be extracted and data protection becomes useless.
doi:10.1007/978-3-319-29485-8_14 (https://doi.org/10.1007/978-3-319-29485-8_14), fatcat:luuh3557azafvkch2dkhc2p3d4