====== A formula for disaster: a unified approach to elliptic curve special-point-based attacks [ASIACRYPT 2021] ======
~~NOTOC~~
\_{{fa>user}}\_\_//Authors:// [[:publications:authors:vladimir-sedlacek|Vladimir Sedlacek]], Jesús-Javier Chi-Domínguez, [[:publications:authors:jan-jancar|Jan Jancar]] and Billy Bob Brumley
{{fa>user-circle-o}}\_//Primary contact:// Jan Jancar %%<%%%%>%%
{{fa>bullhorn}}\_//Conference:// [[https://asiacrypt.iacr.org/2021///|ASIACRYPT 2021]]
\_
\_
@InProceedings{2021-asiacrypt-formulas,
Title = {A formula for disaster: a unified approach to elliptic curve special-point-based
attacks},
Author = {Vladimir Sedlacek and Jesús-Javier Chi-Domínguez and Jan Jancar and Billy Bob Brumley},
BookTitle = {Advances in Cryptology – ASIACRYPT 2021},
Publisher = {Springer},
Year = {2021},
ISBN = {978-3-030-64837-4},
Keywords = {ECC, cryptoimplementations, libraries, side-channel},
crocsweb = {https://crocs.fi.muni.cz/papers/formulas_asiacrypt21},
}
The Refined Power Analysis, Zero-Value Point, and Exceptional Procedure attacks
introduced side-channel attack techniques against specific cases of elliptic curve cryptography.
The three attacks recover bits of a static ECDH key adaptively,
collecting information on whether a certain multiple of the input point was computed.
We unify and generalize these attacks in a common framework, and solve the corresponding problem
for a broader class of inputs. We also introduce a version of
the attack against windowed scalar multiplication methods, recovering the full scalar
instead of just a part of it. Finally, we systematically analyze elliptic curve
point addition formulas from the Explicit-Formulas Database,
classify all non-trivial exceptional points, and find them in new formulas.
These results indicate the usefulness of our tooling for unrolling formulas and finding
special points which we released publicly, potentially of independent research interest.
===== Summarizing video =====
[[https://www.youtube.com/watch?v=RJY0A2IPVLE|IACR YouTube video]]
===== Research artifacts (supplementary material) =====