Scan vulnerability in elliptic curve cryptosystems

Ryuta Nara, Nozomu Togawa, Masao Yanagisawa, Tatsuo Ohtsuki

    Research output: Contribution to journalArticle

    6 Citations (Scopus)

    Abstract

    A scan-path test is one of the most important testing techniques, but it can be used as a side-channel attack against a cryptography circuit. Scan-based attacks are techniques to decipher a secret key using scanned data obtained from a cryptography circuit. Public-key cryptography, such as RSA and elliptic curve cryptosystem (ECC), is extensively used but conventional scan-based attacks cannot be applied to it, because it has a complicated algorithm as well as a complicated architecture. This paper proposes a scan-based attack which enables us to decipher a secret key in ECC. The proposed method is based on detecting intermediate values calculated in ECC. We focus on a 1-bit sequence which is specific to some intermediate values. By monitoring the 1-bit sequence in the scan path, we can find out the register position specific to the intermediate value in it and we can know whether this intermediate value is calculated or not in the target ECC circuit. By using several intermediate values, we can decipher a secret key. The experimental results demonstrate that a secret key in a practical ECC circuit can be deciphered using 29 points over the elliptic curve E within 40 seconds.

    Original languageEnglish
    Pages (from-to)47-59
    Number of pages13
    JournalIPSJ Transactions on System LSI Design Methodology
    Volume4
    DOIs
    Publication statusPublished - 2011

    Fingerprint

    Cryptography
    Networks (circuits)
    Public key cryptography
    Monitoring
    Testing

    ASJC Scopus subject areas

    • Electrical and Electronic Engineering
    • Computer Science Applications

    Cite this

    Scan vulnerability in elliptic curve cryptosystems. / Nara, Ryuta; Togawa, Nozomu; Yanagisawa, Masao; Ohtsuki, Tatsuo.

    In: IPSJ Transactions on System LSI Design Methodology, Vol. 4, 2011, p. 47-59.

    Research output: Contribution to journalArticle

    @article{76af737a804449a59c81d8313160240e,
    title = "Scan vulnerability in elliptic curve cryptosystems",
    abstract = "A scan-path test is one of the most important testing techniques, but it can be used as a side-channel attack against a cryptography circuit. Scan-based attacks are techniques to decipher a secret key using scanned data obtained from a cryptography circuit. Public-key cryptography, such as RSA and elliptic curve cryptosystem (ECC), is extensively used but conventional scan-based attacks cannot be applied to it, because it has a complicated algorithm as well as a complicated architecture. This paper proposes a scan-based attack which enables us to decipher a secret key in ECC. The proposed method is based on detecting intermediate values calculated in ECC. We focus on a 1-bit sequence which is specific to some intermediate values. By monitoring the 1-bit sequence in the scan path, we can find out the register position specific to the intermediate value in it and we can know whether this intermediate value is calculated or not in the target ECC circuit. By using several intermediate values, we can decipher a secret key. The experimental results demonstrate that a secret key in a practical ECC circuit can be deciphered using 29 points over the elliptic curve E within 40 seconds.",
    author = "Ryuta Nara and Nozomu Togawa and Masao Yanagisawa and Tatsuo Ohtsuki",
    year = "2011",
    doi = "10.2197/ipsjtsldm.4.47",
    language = "English",
    volume = "4",
    pages = "47--59",
    journal = "IPSJ Transactions on System LSI Design Methodology",
    issn = "1882-6687",
    publisher = "Information Processing Society of Japan",

    }

    TY - JOUR

    T1 - Scan vulnerability in elliptic curve cryptosystems

    AU - Nara, Ryuta

    AU - Togawa, Nozomu

    AU - Yanagisawa, Masao

    AU - Ohtsuki, Tatsuo

    PY - 2011

    Y1 - 2011

    N2 - A scan-path test is one of the most important testing techniques, but it can be used as a side-channel attack against a cryptography circuit. Scan-based attacks are techniques to decipher a secret key using scanned data obtained from a cryptography circuit. Public-key cryptography, such as RSA and elliptic curve cryptosystem (ECC), is extensively used but conventional scan-based attacks cannot be applied to it, because it has a complicated algorithm as well as a complicated architecture. This paper proposes a scan-based attack which enables us to decipher a secret key in ECC. The proposed method is based on detecting intermediate values calculated in ECC. We focus on a 1-bit sequence which is specific to some intermediate values. By monitoring the 1-bit sequence in the scan path, we can find out the register position specific to the intermediate value in it and we can know whether this intermediate value is calculated or not in the target ECC circuit. By using several intermediate values, we can decipher a secret key. The experimental results demonstrate that a secret key in a practical ECC circuit can be deciphered using 29 points over the elliptic curve E within 40 seconds.

    AB - A scan-path test is one of the most important testing techniques, but it can be used as a side-channel attack against a cryptography circuit. Scan-based attacks are techniques to decipher a secret key using scanned data obtained from a cryptography circuit. Public-key cryptography, such as RSA and elliptic curve cryptosystem (ECC), is extensively used but conventional scan-based attacks cannot be applied to it, because it has a complicated algorithm as well as a complicated architecture. This paper proposes a scan-based attack which enables us to decipher a secret key in ECC. The proposed method is based on detecting intermediate values calculated in ECC. We focus on a 1-bit sequence which is specific to some intermediate values. By monitoring the 1-bit sequence in the scan path, we can find out the register position specific to the intermediate value in it and we can know whether this intermediate value is calculated or not in the target ECC circuit. By using several intermediate values, we can decipher a secret key. The experimental results demonstrate that a secret key in a practical ECC circuit can be deciphered using 29 points over the elliptic curve E within 40 seconds.

    UR - http://www.scopus.com/inward/record.url?scp=82455188606&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=82455188606&partnerID=8YFLogxK

    U2 - 10.2197/ipsjtsldm.4.47

    DO - 10.2197/ipsjtsldm.4.47

    M3 - Article

    VL - 4

    SP - 47

    EP - 59

    JO - IPSJ Transactions on System LSI Design Methodology

    JF - IPSJ Transactions on System LSI Design Methodology

    SN - 1882-6687

    ER -