protecting ecc against fault attacks

PROTECTING ECC AGAINST FAULT ATTACKS, Marc Joye, NutMiC 2019, Paris



  1. PROTECTING ECC AGAINST FAULT ATTACKS
     Marc Joye, Innovation Centre
     NutMiC 2019, Paris, June 24–27, 2019

  2. September 26, 1996 Bellcore’s Researchers Break Smart Cards

  3. BELLCORE ATTACK (1/2)
     • Computation of a signature $S = \mu(m)^d \bmod N$ using CRT
       1. $\dot m = \mu(m)$ for some padding function $\mu$
       2. $s_p = \dot m^{d_p} \bmod p$
       3. $s_q = \dot m^{d_q} \bmod q$
       4. $S = \mathrm{CRT}(s_p, s_q) = s_q + q\,[\,i_q (s_p - s_q) \bmod p\,]$, where $i_q = q^{-1} \bmod p$
     [Diagram: $\dot m$ is exponentiated with $d_p$ and with $d_q$ to give $s_p$ and $s_q$, which are recombined into $S$.]
     © 2019 OneSpan Innovation Centre


  5. BELLCORE ATTACK (2/2)
     [Diagram: same data flow with a fault in the $d_p$ branch, giving $\hat s_p$ in place of $s_p$ and the faulty signature $\hat S$.]
     $\gcd(\hat S - S, N) = q$
     Proof:
     • $\hat s_p \neq s_p \iff \hat S \not\equiv S \pmod p \iff p \nmid (\hat S - S)$
     • $\hat S \equiv S \pmod q \iff q \mid (\hat S - S)$

  6. FAULT ATTACKS
     • Adversary induces faults during the computation
       • glitches (supply voltage or external clock)
       • temperature
       • light emission (white light or laser)
       • ...

  7. OUTLINE OF THIS TALK
     New countermeasures for preventing fault attacks in elliptic curve cryptosystems
     1. Elliptic curve primitive
     2. Basic countermeasures
     3. Shamir’s trick
     4. Ring extension method, revisited


  9. ELLIPTIC CURVE PRIMITIVE
     • EC primitive = point multiplication (a.k.a. scalar multiplication)
       $E(K) \times \mathbb{Z} \to E(K), \quad (P, d) \mapsto Q = [d]P$
       • one-way function
     • Cryptographic elliptic curves
       • $K = \mathbb{F}_q$ with $q = p$ (a prime) or $q = 2^m$
       • $\#E(K) = h\,n$ with $h \in \{1, 2, 3, 4\}$ and $n$ prime
       • typical size: $|n|_2 = 256$ ($\approx |K|_2$)
     Definition (ECDL Problem): Let $G = \langle P \rangle \subseteq E(K)$ be a subgroup of prime order $n$. Given points $P, Q \in G$, compute $d$ such that $Q = [d]P$.

  10. BASIC COUNTERMEASURES FOR PROTECTING $Q \leftarrow [d]P$
     • Add CRC checks
       • for private and public parameters
     • Randomize the computation
       • e.g., $d \leftarrow d + r\,n$ with $n = \mathrm{ord}_E(P)$
     • Compute the operations twice
       • doubles the running time
     • Verify the signatures
       • ECDSA verification is slower than signing
     • Check that the output point $Q = [d]P$ is in $\langle P \rangle$
       • $Q \in E$
       • $[h]Q \neq O$ (only implies $Q$ of large order)


  12. RING EXTENSION METHOD: Shamir’s Trick
     1. $s_p^* = \dot m^{d} \bmod (rp)$
     2. $s_q^* = \dot m^{d} \bmod (rq)$
     3. $S = \mathrm{CRT}(s_p^* \bmod p,\ s_q^* \bmod q)$ iff $s_p^* \equiv s_q^* \pmod r$
     • Drawbacks
       • uses the value of $d$
       • does not detect errors on CRT combination
         • e.g., fault on $i_q$
     • Variant
       • adaptation to RSA in standard mode → ring extension method
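
Added example (not from the slides): Shamir's trick on a toy RSA-CRT key, showing that the check mod $r$ catches a fault on $s_p^*$ but, as the drawbacks note, misses one on $i_q$. The key, the `fault` hook and all function names are constructed for illustration; `m` stands for the padded message $\dot m$.

```python
import secrets

# Constructed toy key (assumption, not from the slides): two Mersenne primes.
p, q = 2**89 - 1, 2**107 - 1
N, e = p * q, 65537
d = pow(e, -1, (p - 1) * (q - 1))

def crt(sp, sq, iq):
    """Recombination from the slides: s_q + q * [i_q (s_p - s_q) mod p]."""
    return sq + q * (iq * (sp - sq) % p)

def sign_crt(m, fault=None):
    """Unprotected RSA-CRT; fault='sp' flips one bit of s_p (simulated fault)."""
    sp, sq = pow(m, d % (p - 1), p), pow(m, d % (q - 1), q)
    if fault == "sp":
        sp ^= 1 << 7
    return crt(sp, sq, pow(q, -1, p))

def sign_shamir(m, fault=None):
    """Shamir's trick: exponentiate mod r*p and r*q, then compare mod r."""
    r = secrets.randbits(32) | (1 << 31) | 1     # odd 32-bit r (demo choice)
    sp, sq = pow(m, d, r * p), pow(m, d, r * q)  # needs d itself, not d_p, d_q
    iq = pow(q, -1, p)
    if fault == "sp":
        sp ^= 1 << 7          # fault inside the protected exponentiation
    if fault == "iq":
        iq ^= 1 << 7          # fault in the CRT combination, outside the check
    if (sp - sq) % r != 0:
        raise ValueError("fault detected")
    return crt(sp % p, sq % q, iq)

def verifies(m, S):
    """Public-key verification, the independent check for the i_q case."""
    return pow(S, e, N) == m % N
```

With an odd $r$ a one-bit error on $s_p^*$ is never $0 \bmod r$, so the check always fires in this demo; the $i_q$ fault passes the check and is only caught by verifying the signature.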

  13. BOS COUNTERMEASURE (1/2): Blömer–Otto–Seifert
     • Extension of Shamir’s trick to elliptic curves
     • Protected computation of $Q = [d]P$ proceeds in 5 steps:
       1. For a (small) prime $r$, define an elliptic curve $E'$ over $\mathbb{F}_r$ and a point $P'$ on $E'$
       2. Form the combined curve $\hat E = \mathrm{CRT}(E, E')$ over $\mathbb{Z}/pr\mathbb{Z}$ and the combined point $\hat P = \mathrm{CRT}(P, P')$
       3. Compute $\hat Q = [d]\hat P$ on $\hat E$
       4. Compute $Q' = [d]P'$ on $E'$, and
       5. Check whether $\hat Q \equiv Q' \pmod r$
          • if so, output $Q = \hat Q \bmod p$
          • if not, return error

  14. BOS COUNTERMEASURE (2/2)
     [Flowchart: compute $Q' = [d]P'$ on $E'$ and $\hat Q = [d]\hat P$ on $\hat E$; test $\hat Q \overset{?}{\equiv} Q' \pmod r$; if no, error; if yes, $Q = \hat Q \bmod p$.]

  15. RING EXTENSION METHOD REVISITED
     Replace the combined curve $\hat E$ with $E(\mathbb{F}_p) \times G' \cong E(\mathbb{F}_p) \times (\mathbb{Z}/r\mathbb{Z})^+$, where group $G'$ is represented with elements having a group law that coincides with the group law used in the representation of $E(\mathbb{F}_p)$
     Two realizations:
     1. Generalization of an earlier countermeasure for Edwards curves (J., 2012)
     2. Modification of a recent countermeasure due to Neves and Tibouchi (IET Inf. Sec., 2018)

  16. FIRST REALIZATION
     Notation: $E(R)$ = set of rational points on an elliptic curve $E$ defined over $R$
     • For the ring $R = \mathbb{Z}/r^2\mathbb{Z}$, we consider the $r$-order subgroup
       $G' := E_1(\mathbb{Z}/r^2\mathbb{Z}) = \{ P \in E(\mathbb{Z}/r^2\mathbb{Z}) \mid P \text{ modulo } r \text{ reduces to } O \} \cong (\mathbb{Z}/r\mathbb{Z})^+$
       where $O$ is the identity element on $E(\mathbb{Z}/r\mathbb{Z})$
     • Combined curve $\hat E$ becomes $E(\mathbb{F}_p) \times E_1(\mathbb{Z}/r^2\mathbb{Z}) \subseteq E(\mathbb{Z}/pr^2\mathbb{Z})$

  17. SECOND REALIZATION
     • Use a degenerate curve
       • drawback: most elliptic curve models (excl. Weierstraß) do not have an additive degeneration
     • For a particular curve equation $E'$ (i.e., with special curve parameters), we consider
       $G' := E'(\mathbb{Z}/r\mathbb{Z})[r] = \{ P \text{ satisfying the curve equation } E' \text{ modulo } r \mid [r]P = O \} \cong (\mathbb{Z}/r\mathbb{Z})^+$
       (holds true for elliptic curve models commonly used in cryptographic applications)

  18. ILLUSTRATION: Edwards Curves
     $E_{a,b}/\mathbb{F}_p : ax^2 + y^2 = 1 + bx^2y^2$ where $ab(a - b) \neq 0$
     • Addition law
       • $O = (0, 1)$ [neutral element]
       • $-(x_1, y_1) = (-x_1, y_1)$
       • $(x_1, y_1) + (x_2, y_2) = (x_3, y_3)$ where
         $x_3 = \dfrac{x_1y_2 + x_2y_1}{1 + bx_1x_2y_1y_2}, \quad y_3 = \dfrac{y_1y_2 - ax_1x_2}{1 - bx_1x_2y_1y_2}$
       • ...also valid for point doubling (and $O$)
     • Addition law is complete if $a$ is a square and $b$ is a non-square


  20. SPECIAL CURVE $E'$: TAKE $a = b = 0$
     $G' := \{ \Upsilon_2(\vartheta) = (\vartheta, 1) \mid \vartheta \in \mathbb{Z}/r\mathbb{Z} \} \subseteq \{ (x, y) \in E'_{0,0}(\mathbb{Z}/r\mathbb{Z}) \}$
     • Properties
       • $G' \simeq (\mathbb{Z}/r\mathbb{Z})^+$, $P_1 = (\vartheta_1, 1) \overset{\sim}{\mapsto} \vartheta_1$
       • $\#G' = r$
       • $[d]P_1 = (d \cdot \vartheta_1, 1)$
     • Addition law on $G'$: $(x_1, y_1) + (x_2, y_2) = \left( \dfrac{x_1y_2 + x_2y_1}{1 + bx_1x_2y_1y_2},\ \dfrac{y_1y_2 - ax_1x_2}{1 - bx_1x_2y_1y_2} \right)$
       1. $\Upsilon_2(0) = (0, 1) = O$, and
       2. $\Upsilon_2(\vartheta_1) + \Upsilon_2(\vartheta_2) = (\vartheta_1, 1) + (\vartheta_2, 1) = \left( \dfrac{\vartheta_1 \cdot 1 + \vartheta_2 \cdot 1}{1},\ \dfrac{1 \cdot 1}{1} \right) = (\vartheta_1 + \vartheta_2, 1) = \Upsilon_2(\vartheta_1 + \vartheta_2)$

  21. PROTECTED ALGORITHM (1/2)
     [Flowchart: $Q' = [d]P'$ on $E'$ is a multiplication modulo $r$, $[d]P' = (d \cdot \vartheta, 1)$ with $P' = (\vartheta, 1)$; compute $\hat Q = [d]\hat P$ on $\hat E$; test $\hat Q \overset{?}{\equiv} Q' \pmod r$; if no, error; if yes, $Q = \hat Q \bmod p$.]

  22. PROTECTED ALGORITHM (2/2)
     Input: $P \in E$, $d$
     Output: $Q = [d]P$
     1. Choose a small random $r$ and draw $\vartheta \xleftarrow{\$} (\mathbb{Z}/r\mathbb{Z})^+$
     2. Define $P' \leftarrow (\vartheta, 1) \in E'_{/(\mathbb{Z}/r\mathbb{Z})^+}$
     3. Compute
        • $\hat E \leftarrow \mathrm{CRT}(E, E')$ and $\hat P \leftarrow \mathrm{CRT}(P, P')$
        • $\hat Q \leftarrow [d]\hat P \in E_{/(\mathbb{Z}/pr\mathbb{Z})^+}$
        • $Q' \leftarrow (d\vartheta \bmod r, 1)$
     4. If ($\hat Q \not\equiv Q' \pmod r$) then return error
     5. Return $Q = \hat Q \bmod p$
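
Added example (not from the slides): the five steps above on a toy Edwards curve, with $E'$ taken as $a = b = 0$ over $\mathbb{Z}/r\mathbb{Z}$ so that the check is one multiplication modulo $r$. The curve ($p = 2^{127} - 1$, $a = 1$, $b = -1$), the bit-flip `fault` hook and all function names are assumptions made for the demonstration.

```python
import secrets

# Constructed toy curve (assumption): p = 2^127 - 1 is prime with p % 4 == 3,
# so a = 1 is a square and b = -1 a non-square: the addition law is complete.
p = 2**127 - 1
a, b = 1, p - 1

def crt(u, v, m, n):
    """Unique w mod m*n with w = u (mod m) and w = v (mod n), gcd(m, n) = 1."""
    return (u + m * ((v - u) * pow(m, -1, n) % n)) % (m * n)

def add(P1, P2, A, B, N):
    """Edwards addition law from the slides, evaluated in Z/NZ."""
    (x1, y1), (x2, y2) = P1, P2
    t = B * x1 * x2 * y1 * y2 % N
    x3 = (x1 * y2 + x2 * y1) * pow(1 + t, -1, N) % N
    y3 = (y1 * y2 - A * x1 * x2) * pow(1 - t, -1, N) % N
    return x3, y3

def mul(d, P, A, B, N, fault=None):
    """Double-and-add for d > 0; fault=(step, bit) flips one bit of x there."""
    Q = (0, 1)
    for i, bit in enumerate(bin(d)[2:]):
        Q = add(Q, Q, A, B, N)
        if bit == "1":
            Q = add(Q, P, A, B, N)
        if fault and fault[0] == i:
            Q = (Q[0] ^ (1 << fault[1]), Q[1])
    return Q

def find_point():
    """First x >= 2 with a y on E, from y^2 = (1 - a x^2) / (1 - b x^2)."""
    for x in range(2, 1000):
        t = (1 - a * x * x) * pow(1 - b * x * x, -1, p) % p
        y = pow(t, (p + 1) // 4, p)
        if y * y % p == t:
            return x, y

def protected_mul(d, P, r=None, theta=None, fault=None):
    """Steps 1-5 of the protected algorithm; raises ValueError on a mismatch."""
    r = r or secrets.randbits(32) | (1 << 31) | 1  # small odd r, no primality test
    theta = secrets.randbelow(r) if theta is None else theta
    A, B = crt(a, 0, p, r), crt(b, 0, p, r)        # combined curve CRT(E, E')
    P_hat = (crt(P[0], theta, p, r), crt(P[1], 1, p, r))
    Q_hat = mul(d, P_hat, A, B, p * r, fault)
    if (Q_hat[0] % r, Q_hat[1] % r) != (d * theta % r, 1):
        raise ValueError("fault detected")
    return Q_hat[0] % p, Q_hat[1] % p
```

The reference value for comparison is `mul(d, P, a, b, p)`; the odd $r$ is a demo choice that makes every one-bit error on $x$ nonzero modulo $r$.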

  23. SUMMARY
     • Ring extension method revisited
       • Two approaches are suggested
     • Generic algorithms for protecting ECC against fault attacks
       • Proposed techniques apply to many elliptic curve models, incl.
         • Weierstraß model
         • (twisted) Edwards model
         • Jacobi quartic model
         • Jacobi quadrics intersection model
         • Hessian model
         • Huff’s model
     • Efficient algorithms for protecting ECC against fault attacks
       • No need to generate prime numbers
       • Verification step boils down to a mere small modular multiplication
       • Much faster than BOS algorithm
