SCIENCE CHINA Information Sciences, Volume 61, Issue 3: 039102(2018) https://doi.org/10.1007/s11432-017-9108-3

Efficient flush-reload cache attack on scalar multiplication based signature algorithm

More info
  • ReceivedFeb 20, 2017
  • AcceptedMay 19, 2017
  • PublishedAug 16, 2017


There is no abstract available for this article.


[1] Yarom Y, Falkner K. Flush+reload: a high resolution, low noise, L3 cache side-channel attack. In: Proceedings of the 23rd USENIX Security Symposium, San Diego, 2014. 719--732. Google Scholar

[2] Yarom Y, Benger N. Recovering OpenSSL ECDSA nonces using the FLUSH + RELOAD cache side-channel attack. IACR Cryptology ePrint Archive, 2014, 2014: 140. Google Scholar

[3] State Cryptography Administration of China. Public key cryptographic algorithm SM2 based on elliptic curves. GM/T 0003-2012. http://www.oscca.gov.cn/UpFile/~2010122214822692.pdf. Google Scholar

[4] Nguyen P Q, Shparlinski I E. The insecurity of the ellipitc curve digital signature algorithm with partially known nonces. Design Code Cryptogr, 2003, 30: 151--176. Google Scholar

[5] Liu M, Chen J. Partially known nonces and fault injection attacks on SM2 signature algorithm. In: Proceedings of Information Security and Cryptology, Guangzhou, 2013. 343--358. Google Scholar

  • Figure 1

    (Color online) Selecting the monitored memory line and the attack result. (a) The binary method; (b) OpenSSL implementation of the loading time addition and doubling; (c) location of the monitored memory line; (d) measurement of the loading time; (e) error bits per bit position; (f) error bits per scalar; (g) error bits per scalar (exclude the first 2 bits).

Copyright 2020 Science China Press Co., Ltd. 《中国科学》杂志社有限责任公司 版权所有

京ICP备18024590号-1       京公网安备11010102003388号