Volltext-Downloads (blau) und Frontdoor-Views (grau)

SEMA and MESD Leakage of TinyECC 2.0 on a LOTUS Sensor Node

  • TinyECC 2.0 is an open source library for Elliptic Curve Cryptography (ECC) in wireless sensor networks. This paper analyzes the side channel susceptibility of TinyECC 2.0 on a LOTUS sensor node platform. In our work we measured the electromagnetic (EM) emanation during computation of the scalar multiplication using 56 different configurations of TinyECC 2.0. All of them were found to be vulnerable, but to a different degree. The different degrees of leakage include adversary success using (i) Simple EM Analysis (SEMA) with a single measurement, (ii) SEMA using averaging, and (iii) Multiple-Exponent Single-Data (MESD) with a single measurement of the secret scalar. It is extremely critical that in 30 TinyECC 2.0 configurations a single EM measurement of an ECC private key operation is sufficient to simply read out the secret scalar. MESD requires additional adversary capabilities and it affects all TinyECC 2.0 configurations, again with only a single measurement of the ECC private key operation. These findings give evidence that in security applications a configuration of TinyECC 2.0 should be chosen that withstands SEMA with a single measurement and, beyond that, an addition of appropriate randomizing countermeasures is necessary.

Download full text files

Export metadata

Additional Services

Search Google Scholar Check availability

Statistics

Show usage statistics
Metadaten
Document Type:Preprint
Language:English
Author:Jacek Samotyja, Kerstin Lemke-Rust, Markus Ullmann
Parent Title (German):Cryptology ePrint Archive
Article Number:2015/354
Number of pages:16
URN:urn:nbn:de:hbz:1044-opus-25248
URL:https://eprint.iacr.org/2015/354
Publisher:International Association for Cryptologic Research
Publishing Institution:Hochschule Bonn-Rhein-Sieg
Date of first publication:2015/04/20
Keyword:LOTUS Sensor Node; MESD; SEMA; Side Channel Analysis; TinyECC 2.0; Wireless Sensor Network
Departments, institutes and facilities:Fachbereich Informatik
Institut für Cyber Security & Privacy (ICSP)
Dewey Decimal Classification (DDC):0 Informatik, Informationswissenschaft, allgemeine Werke / 00 Informatik, Wissen, Systeme / 004 Datenverarbeitung; Informatik
Entry in this database:2016/07/06
Licence (German):License LogoCreative Commons - CC BY - Namensnennung 4.0 International