We propose a hybrid hardware attack, the fault-power attack, which combines side channel and fault attacks and is more powerful than either alone. A side channel attack takes advantage of information leaked during the execution of a cryptographic procedure. A fault attack takes advantage of the output produced when errors occur or incorrect values are input. Current elliptic scalar multiplication using the x-coordinate-only trick can prevent side channel attacks, but its ability to prevent fault attacks is unknown. We propose an elliptic scalar multiplication method using the x-coordinate-only trick that is immune to known side channel and fault attacks. However, this countermeasure is vulnerable to the fault-power attack, which pins the pseudo-random number generator in the scalar multiplication using faults and detects the scalar using power analysis.