Random pseudo-operations on elliptic curve scalar multiplication algorithm, less secure than it claimed by simple power analysis (SPA) attacks. Even in the single curve SPA, it leaks lots of useful key information. Multiple curve recursive approximation attack (MCRAA), a new multiple curve SPA attack, was proposed to get all of the key information with a small curve set. When the length of the key is n, the size of the set is O(lbn) which was confirmed by experiment.%讨论针对随机伪操作椭圆曲线密码标量乘算法的SPA攻击,理论推导和实测结果均表明,在单样本SPA攻击下,即可在功耗曲线中获取大量的密钥信息;而在针对算法中随机操作漏洞的一种新型多样本SPA攻击—多样本递推逼近攻击下,用极小样本量就可完整破译密钥.当密钥长度为n时,该攻击方法完整破译密钥所需的样本数仅为0(1b n).
展开▼
