1. Technical Field
Embodiments generally relate to electronic circuits and, more specifically, to circuits executing, in hardware or software fashion, signature or encryption algorithms implementing modular exponentiations or products on elliptic curves. Modular exponentiations are implemented, for example, by RSA-type algorithms, and operations on elliptic curves can be found, for example, in public key cryptography.
Embodiments more specifically apply to the protection of data manipulated by such calculations against side channel attacks.
2. Discussion of the Related Art
To protect data (typically, secret quantities) manipulated by calculations of modular exponentiation or on elliptic curves against side channel attacks, for example, DPA-type (Differential Power Analysis) attacks, random numbers are generally used to mask the quantities manipulated by the algorithm.
The calculation is efficiently protected by masking of the message (the data) or the point on the curve to be submitted to the calculation to protect its operation with the secret quantity.
However, at the end of the calculation, the result has to be unmasked, that is, the contribution of the random quantity to this result (encrypted message, signature, etc.) has to be suppressed, failing which the result cannot be exploited.
In usual circuits, the unmasking is highly resource-consuming (in terms of power, calculation time, etc.).