| 摘要 |
The method for elliptic curve scalar multiplication may provide several countermeasures to protect scalar multiplication of a private key k by a point P to produce the product kP from power analysis attacks. First, the private key, k, is partitioned into a plurality of key partitions, which are processed in a random order, the resulting points being accumulated to produce the scalar product kP. Second, in each partition, the encoding is randomly selected to occur in binary form or in Non-Adjacent Form (NAF), with the direction of bit inspection being randomly assigned between most-to-least and least-to-most. Third, in each partition, each zero in the key may randomly perform a dummy point addition operation in addition to the doubling operation. The method may be implemented in software, smart cards, circuits, processors, or application specific integrated circuits (ASICs) designed to carry out the method. |
