Randomizing the Montgomery Multiplication to Repel Template Attacks on Multiplicative Masking

Marcel Medwed, Christoph Herbst

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

For a long time multiplicative masking together with highly regular exponentiation algorithms was believed to thwart all side-channel based threats. Recent research results showed that the multiplicative masking itself can be attacked in order to recover the used masks. In this
paper we propose a countermeasure which closes this security gap. The basic idea is to protect the masking step by introducing a randomized multiplication. The proposed method is cheap in terms of performance overhead. The memory overhead is reasonable.
Original languageEnglish
Title of host publicationWorkshop Proceedings COSADE 201
Subtitle of host publication1st International Workshop on Constructive Side-Channel Analysis and Secure Design
Pages56-71
Publication statusPublished - 2010
Event1st International Workshop on Constructive Side-Channel Analysis and Secure Design: COSADE 2010 - Darmstadt, Germany
Duration: 4 Feb 20105 Feb 2010

Conference

Conference1st International Workshop on Constructive Side-Channel Analysis and Secure Design
Abbreviated titleCOSADE 2010
Country/TerritoryGermany
CityDarmstadt
Period4/02/105/02/10

Treatment code (Nähere Zuordnung)

  • Application

Fingerprint

Dive into the research topics of 'Randomizing the Montgomery Multiplication to Repel Template Attacks on Multiplicative Masking'. Together they form a unique fingerprint.

Cite this