An efficient DPA countermeasure with randomized montgomery operations for DF-ECC processor

Jen Wei Lee*, Ju Hung Hsiao, Hsie-Chia Chang, Chen-Yi Lee

*Corresponding author for this work

    Research output: Contribution to journalArticlepeer-review

    26 Scopus citations


    Nowadays, differential power-analysis (DPA) attacks are a serious threat for cryptographic systems due to the inherent existence of data-dependent power consumption. Hiding power consumption of encryption circuit or applying key-blinded techniques can increase the security against DPA attacks, but they result in a large overhead for hardware cost, execution time, and energy dissipation. In this brief, a new DPA countermeasure performing all field operations in a randomized Montgomery domain is proposed to eliminate the correlation between target and reference power traces. After implemented in 90-nm CMOS process, our protected 521-bit dual-field elliptic curve (EC) cryptographic processor can perform one EC scalar multiplication in 8.08 ms over GF(p521) and 4.65 ms over GF(2 409), respectively, with 4.3% area and 5.2% power overhead. Experiments from a field-programmable gate array evaluation board demonstrate that the private key of unprotected device will be revealed within 10 3 power traces, whereas the same attacks on our proposal cannot successfully extract the key value even after 10 6 measurements.

    Original languageEnglish
    Article number6187713
    Pages (from-to)287-291
    Number of pages5
    JournalIEEE Transactions on Circuits and Systems I: Regular Papers
    Issue number5
    StatePublished - 1 May 2012


    • Dual fields
    • elliptic curve (EC) cryptography (ECC)
    • power-analysis attacks
    • security system


    Dive into the research topics of 'An efficient DPA countermeasure with randomized montgomery operations for DF-ECC processor'. Together they form a unique fingerprint.

    Cite this