Scan vulnerability in elliptic curve cryptosystems

Ryuta Nara*, Nozomu Togawa, Masao Yanagisawa, Tatsuo Ohtsuki


研究成果: Article査読

6 被引用数 (Scopus)


A scan-path test is one of the most important testing techniques, but it can be used as a side-channel attack against a cryptography circuit. Scan-based attacks are techniques to decipher a secret key using scanned data obtained from a cryptography circuit. Public-key cryptography, such as RSA and elliptic curve cryptosystem (ECC), is extensively used but conventional scan-based attacks cannot be applied to it, because it has a complicated algorithm as well as a complicated architecture. This paper proposes a scan-based attack which enables us to decipher a secret key in ECC. The proposed method is based on detecting intermediate values calculated in ECC. We focus on a 1-bit sequence which is specific to some intermediate values. By monitoring the 1-bit sequence in the scan path, we can find out the register position specific to the intermediate value in it and we can know whether this intermediate value is calculated or not in the target ECC circuit. By using several intermediate values, we can decipher a secret key. The experimental results demonstrate that a secret key in a practical ECC circuit can be deciphered using 29 points over the elliptic curve E within 40 seconds.

ジャーナルIPSJ Transactions on System LSI Design Methodology
出版ステータスPublished - 2011

ASJC Scopus subject areas

  • コンピュータ サイエンスの応用
  • 電子工学および電気工学


「Scan vulnerability in elliptic curve cryptosystems」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。