ECC systems are subject to “side-channel” attacks (e.g., power analysis attacks, differential power analysis) that exploit information leaked into the operating environment of a device while the device executes cryptographic algorithms. For example, a hacker may monitor the power consumed or the electromagnetic radiation emitted by a device (e.g., a smart card), while it performs private-key operations such as decryption and signature generation. The hacker may also measure the time it takes to perform a cryptographic operation, or analyze how a cryptographic device behaves when certain errors are encountered. Some conventional countermeasures to side-channel attacks insert “dummy” cryptographic operations (e.g., doubling, addition), so that the operations cannot be distinguished from each other when viewed on a power trace, for example. Inserting additional “dummy” operations, however, slows down the overall cryptographic process, which may be unacceptable for certain applications.