Elliptic Curve Cryptosystems (ECCs) constitute a new emerging class of public key cryptosystems, and have been widely applied in applications such as smart cards and embedded systems. The security of most ECCs is based upon the difficulty of solving a discrete logarithm problem based on a group of points on the elliptic curve. Where the elliptic curve is chosen correctly, the best of known methods configured for finding the discrete logarithm are of exponentially increasing difficulty. Thus, ECC exploits the fact that there is no sub-exponential method to solve the discrete logarithm problem on elliptic curves. Compared with other public key cryptosystem such as RSA, ECC uses shorter key sizes for the same level of security. This translates into fewer requirements on storage, memory, and computing power.
Unfortunately, conventional methods of operation in ECC are vulnerable to side-channel attacks. Side channel attacks measure observable parameters such as timings or power consumptions during cryptographic operations to deduce all or part of the secret information within the cryptosystem. For example, the comb method and other efficient point multiplication methods are vulnerable to power-analysis attacks. Power analysis attacks are based on an analysis of power consumed by a system. Information on the power used by a system assists the attacker to make assumptions on the operations performed by the system, and ultimately, to make guesses about secrets contained within the system.
Scalar multiplication, e.g. elliptic curve point multiplication, plays a critical role in ECCs. In fact, the method by which such multiplications are performed has a tremendous influence on whether different side-channel attacks are effective. Therefore, improved methods would result in safer ECCs.