University of Birmingham > Talks@bham > Computer Security Seminars > Template Power Analysis Against ECC Software Implementations

Template Power Analysis Against ECC Software Implementations

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Gurchetan Grewal.

Side-channel attacks are a real threat against ECC software implementations on microcontrollers. The X25519 Diffie-Hellman Key Exchange protocol on Curve25519 allows for efficient and simple constant time implementations, making it suitable for application on constrained environments, such as microcontrollers. Protection against power analysis requires specific countermeasures, which may be costly in performance but still not effective against template attacks. I’ll show that the power consumption leakage of a single instruction can reveal bits of the private key by means of a template SPA attack on a X25519 implementation for an 8-bit AVR microcontroller. Also, I’ll show that Flash memory addresses leak through power, which could be used to recover the secret-dependent indexes in lookups of tables of precomputed points, typically applied in optimized signature generation implementations.

This talk is part of the Computer Security Seminars series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.


Talks@bham, University of Birmingham. Contact Us | Help and Documentation | Privacy and Publicity.
talks@bham is based on from the University of Cambridge.