An Elliptic Curve Crypto-Processor Secured by Randomized Windows

Embedded systems are increasingly providing secure functionalities, which often rely on some dedicated hardware for symmetric and public-key cryptography. When resources are limited, elliptic curve cryptography (ECC) may be chosen instead of the more widely known RSA, which needs much longer keys for the same security level. However, ECC may be vulnerable, as any other cryptographic implementation, to side channel analysis, which may reveal secret information by analyzing collateral sources of information, such as power consumption. Countermeasures must be thus adopted at the design level, in order to ensure robust and secure operation of the device. We propose here a new scalar multiplication algorithm on an elliptic curve, based on a novel randomized window method. This design is protected against side channel attacks (Timing, Simple and Differential Power Analysis) and it is implemented over prime fields, but it can be applied to binary fields as well. In order to evaluate this countermeasure, we provide its costs, and an estimation of the additional entropy added to the computation against side channels attacks.