| 摘要 |
When multiplicative splitting is used to hide a scalar in an Elliptic Cur ve scalar Multiplication ECSM operation, the associated modular division ope ration employs the known Almost Montgomery Inversion algorithm. By including dummy operations in some of the branches of the main iteration loop of the Almost Montgomery Inversion algorithm, all branches of the algorithm may be viewed, from the perspective of a Power Analysis-based attack, as equivalent and, accordingly, devoid of information useful in determining the value of the scalar, which may be a cryptographic private key. |
