POWER SIGNATURE ATTACK RESISTANT CRYPTOGRAPHY

摘要

This invention provides a method of computing a multiple k of a point P on an elliptic curve defined over a field, the method including the steps of representing the number k as binary vector kI, forming an ordered pair of point P1 and P2, wherein the points P1 and P2 differ at most by P, and selecting each of the bits ki in sequence, and for each of the ki, upon ki being a 0, computing a new set of points P1', P2' by doubling the first point P1 to generate the point P1' and adding the points P1 and P2 to generate the point P2' or upon ki being a 1, computing a new set of points P1', P2' by doubling the second point P2 to generate the point P2' and adding the points P1 and P2 to produce the point P1', whereby the doubles or adds are always performed in the same order for each of the bits bi, thereby minimizing a timing attack on the method. An embodiment of the invention applies to both multiplicative and additive groups.