Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revisionLast revisionBoth sides next revision | ||
public:papers:formulas_asiacrypt21 [2021-09-16 12:30] – xjancar | public:papers:formulas_asiacrypt21 [2021-12-04 20:41] – [Summarizing video] x408178 | ||
---|---|---|---|
Line 19: | Line 19: | ||
<button type=" | <button type=" | ||
+ | \_ | ||
+ | <button icon=" | ||
\_ | \_ | ||
<button collapse=" | <button collapse=" | ||
Line 40: | Line 42: | ||
<panel type=" | <panel type=" | ||
- | The Refined Power Analysis, Zero-Value Point, and Exceptional Procedure attacks introduced side-channel attack techniques against specific cases of elliptic curve cryptography. The three attacks recover bits of a static ECDH key adaptively, collecting information on whether a certain multiple of the input point was computed. We unify and generalize these attacks in a common framework and solve the corresponding problem for a broader class of inputs. We also introduce a version of the attack against windowed scalar multiplication methods, recovering the full scalar instead of just a part of it. Finally, we systematically analyze elliptic curve point addition formulas from the Explicit-Formulas Database, classify all non-trivial exceptional points, and find them in new formulas. These results indicate the usefulness of our tooling for unrolling formulas and finding special points, which might be of independent research interest. | + | The Refined Power Analysis, Zero-Value Point, and Exceptional Procedure attacks |
+ | introduced side-channel attack techniques against specific cases of elliptic curve cryptography. | ||
+ | The three attacks recover bits of a static ECDH key adaptively, | ||
+ | collecting information on whether a certain multiple of the input point was computed. | ||
+ | We unify and generalize these attacks in a common framework, and solve the corresponding problem | ||
+ | for a broader class of inputs. We also introduce a version of | ||
+ | the attack against windowed scalar multiplication methods, recovering the full scalar | ||
+ | instead of just a part of it. Finally, we systematically analyze elliptic curve | ||
+ | point addition formulas from the Explicit-Formulas Database, | ||
+ | classify all non-trivial exceptional points, and find them in new formulas. | ||
+ | These results indicate the usefulness of our tooling for unrolling formulas and finding | ||
+ | special points which we released publicly, potentially | ||
</ | </ | ||
+ | |||
+ | ===== Summarizing video ===== | ||
+ | IACR YouTube video: [[https:// | ||
+ | |||
===== Research artifacts (supplementary material) ===== | ===== Research artifacts (supplementary material) ===== |