IACR paper details
Title  Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults 

Booktitle  IACR Eprint archive 

Pages  

Year  2003 

URL  http://eprint.iacr.org/2003/028 

Author  Mathieu Ciet 

Author  Marc Joye 

Abstract 
Elliptic curve cryptosystems in the presence of faults were studied
by Biehl, Meyer and Mueller (2000). The first fault model they
consider requires that the input point P in the
computation of dP is chosen by the adversary.
Their second and third fault models only require the knowledge of P.
But these two latter models are less `practical' in
the sense that they assume that only a few bits of error are
inserted (typically exactly one bit is supposed to be disturbed)
either into P just prior to the point multiplication or
during the course of the computation in a chosen location.
This report relaxes these assumptions and shows how random
(and thus unknown) errors in either coordinates of point P,
in the elliptic curve parameters or in the field
representation enable the (partial) recovery of multiplier d.
Then, from multiple point multiplications, we explain how this can
be turned into a total key recovery. Simple precautions to prevent
the leakage of secrets are also discussed.


Search for the paper
@misc{eprint200311746,
title={Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults},
booktitle={IACR Eprint archive},
keywords={implementation / Elliptic curve cryptography, fault analysis, fault attacks, physical security, information leakage.},
url={http://eprint.iacr.org/2003/028},
note={ marc.joye@gemplus.com 12094 received 11 Feb 2003},
author={Mathieu Ciet and Marc Joye},
year=2003
}
Download a complete BibTeX file.