• DocumentCode
    3758016
  • Title

    Singular Curve Point Decompression Attack

  • Author

    Blömer; Günther

  • Author_Institution
    Univ. of Paderborn, Paderborn, Germany
  • fYear
    2015
  • Firstpage
    71
  • Lastpage
    84
  • Abstract
    In this work, we show how to use instruction skip faults to transfer the discrete logarithm problem from a cryptographically strong elliptic curve to a weak singular curve. More specifically, we attack the algorithm that computes from a field element a point on the curve. This algorithm is a building block of point decompression, hashing to curves, and random point sampling. Our attack is most powerful for curves of j-invariant zero that often occur in pairing based cryptography. Therefore, to demonstrate the effectivity of our attack in practice, we perform it on an AVR Xmega A1 for the pairing based Boneh-Lynn-Shacham short signature scheme.
  • Keywords
    "Elliptic curves","Standards","Elliptic curve cryptography","Protocols","Encryption","Additives"
  • Publisher
    ieee
  • Conference_Titel
    Fault Diagnosis and Tolerance in Cryptography (FDTC), 2015 Workshop on
  • Type

    conf

  • DOI
    10.1109/FDTC.2015.17
  • Filename
    7426154