A second-order DPA attack breaks a window-method based countermeasure against side channel attacks

Katsuyuki Okeya, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingConference contribution

28 Citations (Scopus)


Möller proposed a countermeasure using window method against side channel attacks. However, its immunity to side channel attacks is still controversial. In this paper, we show Möller’s countermeasure is vulnerable to a second-order differential power analysis attack. A side channel attackis an attackthat takes advantage of information leaked during execution of a cryptographic procedure. An nth-order differential power analysis attackis the side channel attackwhic h uses n different leaked data that correspond to n different intermediate values during the execution. Our proposed attackagainst Möller’s countermeasure finds out the use of same elliptic points, and restricts candidates of the secret scalar value. In these circumstances, the attackcompletely detects the scalar value using Baby-Step-Giant-Step method as a directcomputational attack. For a 160-bit scalar value, the proposed attack restricts the number of candidates of the scalar to a 45-bit integer, and the direct-computational attackcan actually detect the scalar value. Besides, we improve Möller’s countermeasure to prevent the proposed attack. We compare the original method and improved countermeasure in terms of the computational intractability and the computational cost of the scalar multiplication.

Original languageEnglish
Title of host publicationInformation Security - 5th International Conference, ISC 2002, Proceedings
EditorsAgnes Hui Chan, Virgil Gligor
PublisherSpringer Verlag
Number of pages13
ISBN (Print)3540442707, 9783540442707
Publication statusPublished - Jan 1 2002
Event5th International Conference on Information Security, ISC 2002 - Sao Paulo, Brazil
Duration: Sept 30 2002Oct 2 2002

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other5th International Conference on Information Security, ISC 2002
CitySao Paulo

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'A second-order DPA attack breaks a window-method based countermeasure against side channel attacks'. Together they form a unique fingerprint.

Cite this