Interleaved Ladders: One more Step on Generalizing the Montgomery Ladder - Institut de mathématiques de Toulon
Preprint, Working Paper. Year: 2024

Interleaved Ladders: One more Step on Generalizing the Montgomery Ladder

Abstract

Iterative conditional branchings appear in various sensitive algorithms, such as the modular exponentiation in the RSA cryptosystem or the scalar multiplication in elliptic-curve cryptography. The Montgomery ladder is a common example of such an algorithm, with desirable security properties against some side-channel and fault-injection attacks. In this paper, we abstract away and generalize these security properties by formalizing, using systems of equations, what we call semi-interleaved and fully-interleaved ladders. This fruitful approach allows us to design novel fault-injection attacks, able to obtain some or all bits of the secret against different ladders, breaking the common Montgomery ladder. We also demonstrate the generality of our approach by applying our ladder equations to the modular exponentiation and the scalar multiplication, both in the semi- and fully-interleaved cases, to propose novel and more secure algorithms.
Main file: ladderLong2.pdf (559.18 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-03157804 , version 1 (05-03-2021)
hal-03157804 , version 2 (11-03-2024)

Cite

Yoann Marquer, Tania Richmond, Pascal Véron. Interleaved Ladders: One more Step on Generalizing the Montgomery Ladder. 2024. ⟨hal-03157804v2⟩

Collections

UNIV-TLN IMATH UNC
550 views
129 downloads
