A Combined Random Scalar Multiplication Algorithm Resistant to Power Analysis on Elliptic Curves

  • Jung, Seok Won (Department of Information Security Engineering, Mokpo National University)
  • Received : 2020.04.27
  • Accepted : 2020.06.12
  • Published : 2020.06.30


The elliptic curve crypto-algorithm is widely used for authentication in IoT environments because it has a smaller key size and lower communication overhead than the RSA public-key algorithm. If scalar multiplication, the core operation of the elliptic curve crypto-algorithm, is not implemented securely, attackers can find the secret key by using simple power analysis or differential power analysis. This paper proposes an elliptic curve scalar multiplication algorithm that uses a randomized scalar and elliptic curve point blinding. It is resistant to power analysis without significantly reducing efficiency. Given a random $r$ and a random elliptic curve point $R$, the elliptic curve scalar multiplication $kP = u(P+R) - vR$ is calculated with the regular variant of Shamir's double ladder algorithm, where the $(l+20)$-bit $u \equiv rn + k \pmod{n}$ and $v \equiv rn - k \pmod{n}$, using $2^l P = \mp cP$ for the case of the order $n = 2^l \pm c$.

