Side channel attack on multiprecision multiplier used in protected ECDSA implementation

Abstract

When considering Elliptic Curve Cryptography (ECC) implementations, countermeasures against side channel attacks are primarily focused on elliptic curve arithmetic. On the other hand, Elliptic Curve Digital Signature Algorithm (ECDSA) implementation also uses a modular multiplication of a private key dA, and publicly known random parameter r. The side channel leakage of the multiplication rdA can reveal the private key, especially in systems with narrow-width data-path used for multiprecision arithmetic. The proposed countermeasure is based on the different order of arithmetic operations, masking the critical multiplication by a random ephemeral key k-1. In this work, we demonstrate a special variant of collision attack against the protected ECDSA signature computation. The collision attack exploits the leakage from multiprecision integer multiplier, which is a building block of several published scalable FPGA-enabled ECC crypto-processors. Our concrete experimental results were obtained from hardware DISIPA platform based on Altera Cyclone III FPGA.