New Adaptive Template Attacks Against Montgomery-Ladder-Based ECCs in IoT Devices

This study proposes a new adaptive template attack scheme for extracting secret keys in Montgomery-ladder (ML)-based elliptic curve cryptography (ECC) by effectively exploiting the leakage difference between key bits 1 and 0. To determine the key length and number of computation cycles per bit of the ECC to be attacked, the proposed adaptive attack employs an adaptive leakage-windowing technique and correlation analysis on the power trace obtained from an ECC module with a secret key. The point of interest (POI) is identified at the bit with the maximum difference in leakage between key bits 1 and 0 using the leakage window per bit. The trace from the victim ECC hardware with secret key is compared to those collected in prior templates with key bits 1 and 0 to recover the key. To validate the performance, a Xilinx Artix-7 FPGA chip was used to implement an Edward-curve digital signature algorithm (EdDSA) with Ed25519 and SHA-512 accelerators. The experimental results show a favorable key recovery rate of 100%. Further attack results are presented for the ECC modules with advanced countermeasures against side-channel attack, such as projective coordinate and/or scalar randomization. It is validated that the proposed adaptive attack is able to exploit successfully 100% of the keys of ML-based ECC accelerators without and with countermeasures of projective coordinate or scalar randomization. Only a heavily resource-consumed ECC module with implemented projective coordinate, scalar randomization, and a cryptographic secure random number generator is capable of defending the proposed attack.