On the vulnerability of exponent recodings for the exponentiation against side channel attacks

Yasuyuki Sakai, Kouichi Sakurai

Research output: Contribution to journalArticlepeer-review


In this paper we propose a new side channel attack, where exponent recodings for public key cryptosystems such as RSA and ECDSA are considered. The known side channel attacks and countermeasures for public key cryptosystems were against the main stage (square and multiply stage) of the modular exponentiation (or the point multiplication on an elliptic curve). We have many algorithms which achieve fast computation of exponentiations. When we compute an exponentiation, the exponent receding has to be carried out before the main stage. There are some exponent receding algorithms including conditional branches, in which instructions depend on the given exponent value. Consequently exponent receding can constitute an information channel, providing the attacker with valuable information on the secret exponent. In this paper we show new algorithms of attack on exponent receding. The proposed algorithms can recover the secret exponent, when the width-w NAF [9] and the unsigned/signed fractional window representation [5] are used. copyright

Original languageEnglish
Pages (from-to)154-160
Number of pages7
JournalIEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Issue number1
Publication statusPublished - Jan 2005

All Science Journal Classification (ASJC) codes

  • Signal Processing
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering
  • Applied Mathematics


Dive into the research topics of 'On the vulnerability of exponent recodings for the exponentiation against side channel attacks'. Together they form a unique fingerprint.

Cite this