Research On Several Side-Channel Analysis Methods Against Elliptic-Curve-Based Digital Signature Algorithm

Cryptographic technology is an important means of security for secure communication.As a result,the security of the cryptosystem itself is essential and has been the focus of the research for a long time.Modern cryptography is heavily based on mathematical theory,so pure cryptanalysis explores weaknesses in the cryptographic algorithms themselves.As long as the key size is big enough,most ciphers we use today cannot be broken,since effort required for brute force attack is beyond the ability of any adversary.However,since Paul Kocher introduced side-channel analysis,actual use of the algorithms in real devices may introduce new threat on cryptographic algorithms.Side-channel analysis is an attack based on information gained from the physical implementataion of a cryptosystem.Adversaries can exploit information leakage like power consumption or electromagnetic leaks to break the system.This is a more powerful tool compared with pure cryptanalysis.Elliptic-curve cryptography is an approach to public-key cryptography,which requires smaller keys compared to non-ECC cryptography to provide equivalent security.For years ECC has been widely used and its security has been researched.According to the scheme of ECC,researchers have introduced many side channel attack methods,and accordingly some secure implementations to prevent these attacks.These researches have improved the security of ECC,so it is important for us to continue the work.In our study,based on the results of all the former researches,we continue the research on side channel attack on ECC,especially elliptic-curve-based digital signature algorithm.Chinese researchers have designed a Chinese version of ECC,named SM2.Nowadays,SM2 is not only widely used in China,but also becoming a international standard of ECC.We introduce two different side-channel analysis methods of SM2 digital signature algorithm(SM2-DSA)and Elliptic Curve Digital Signature Algorithm(ECDSA).First,we applied the lattice attack introduced by Howgrave-Graham to SM2-DSA.We implemented the algorithms on smart cards,microcontrollers and smart phones,recorded and analyzed the side-channel leakage information.We performed experiments on both signature algorithms,in order to find out whether the differences of scheme lead to different behaviour under lattice attack.Second,inspired by the attack on Modular exponentiation provided by Christoph Herbst,we introduced a new side-channel attack on elliptic-curve-based digital signature algorithm based on the analysis on modular inversion operations.