Elliptic Curve Cryptosystems in the Presence of Faults

Marc Joye
Thomson R&D France

Elliptic curve cryptosystems in the presence of faults were first studied by Biehl, Meyer and Müller in 2000. In this talk, we relaxe their assumptions and show how random errors enable the recovery of secret bits. Then, from multiple point multiplications, we explain how this can be turned into a total key recovery. Simple precautions to prevent the leakage of secrets are also discussed.

Presentation (PDF File)

Back to Workshop IV: Special purpose hardware for cryptography: Attacks and Applications