
Research On Power Analysis And Their Practical Countermeasures

Posted on: 2007-11-08
Degree: Master
Type: Thesis
Country: China
Candidate: Y B Wang
GTID: 2178360242476161
Subject: Computer security

Abstract/Summary:
As our society has entered the information era, the need for information security is more pronounced than ever. An effective way to secure information in distributed environments is to apply cryptography. Modern cryptography has become a vast area of study as a result of the fast advances made in the past thirty years. Public key cryptography is well known as one of the main achievements of modern cryptography, and most public key cryptosystems involve modular exponentiation. We therefore chose to study the security of modular exponentiation. In the past decade, side-channel attacks have attracted enormous attention because they have turned out to be serious threats to the modular exponentiation algorithms used in public key cryptosystems, especially when the cryptographic operations run on widely deployed smart cards.

This dissertation focuses on one aspect: power analysis and its practical countermeasures in smart card implementations, in particular simple power analysis (SPA) attacks, which are regarded as the greatest threat to smart cards. In summary, the main topics and results are as follows:

1. Review and discussion of the typical power analysis methods and software countermeasures for modular exponentiation. After presenting the basic principle, we first classify and examine the simple power analysis attacks and their countermeasures. These include: the SPA attack on the outcome of the if statement and its countermeasures; Novak's SPA-based adaptive chosen-ciphertext attack on the RSA implementation; and Fouque-Vallette's weak SPA property of the left-to-right binary algorithm in the elliptic curve setting. Secondly, we consider the differential power analysis (DPA) attacks and their countermeasures. These comprise: Messerges et al.'s DPA attacks on the classical binary method and their countermeasures; Walter's DPA attack on m-ary and window methods and the resistant algorithm known as MIST, etc. Finally, we briefly consider the mutual relationship between different kinds of side-channel attacks when choosing a specific countermeasure.

2. Brief survey of hardware countermeasures against power analysis methods. Here, we mainly address in detail the basic idea of Shamir's representative hardware proposal. At the same time, we point out many deficiencies in Shamir's hardware proposal, most of which apply to all hardware countermeasures.

3. New modular exponentiation algorithms against SPA attacks. Based on current advances in SPA attacks, we first abstract a generalized SPA mode, which is evolved from Clavier-Joye's SPA mode. We then propose new modular exponentiation algorithms against SPA attacks. We further reduce them against SPA attacks under our generalized SPA mode and compare their performance characteristics with those of similar algorithms. To verify the accuracy of our results, we perform experiments that simulate all kinds of SPA attacks on modular exponentiation algorithms implemented on smart cards. Finally, we extensively discuss several problems related to our mode and algorithms. Our conclusion is that the new modular exponentiation algorithms compare well with similar algorithms in security, simplicity, operationalization, and efficiency, so they are ideally suited for smart cards against SPA attacks.
Keywords/Search Tags:Modern cryptography, Power analysis, Smart card, Simple power analysis attack, Differential power analysis attack, Generalized SPA mode, Modular exponentiation