2

:

:

:

1996

1998

Timing Attacks in Crypto ’96 Paul C. Kocher

Differential Power Analysis in CRYPTO ’99

Paul C. Kocher, et al

2000

Practical Implementation of Timing Attack in CARDIS ’98

J. F. Dhem

Power Analysis Attacks of Modular Exponentiation in CHES’99

T. S. Messerges, et al

Timing attack

Power analysis attack

2002

Resistance against DPA for ECC in CHES’99 J. S. Coron

Randomized Addition-Subtraction Chains against PA in CHES’01E. Oswald et al

3

’ ’

’

4

5

}1,0{ ,2

1

0

n

i ii

i kkk

6

–{

+ }

7

8

–{ } Return Q[0]

9

10

}1,0,1{ ,20

n

i ii

i ddd

1

|d|

–{

} Q

11

––

11

1 1

1

12

0 0 0 0 0 0 0 0 0 1 0 0 0 0 1 0 0 1 0 0 1 1 1 0 1 0 0 0 1 0 1 0 1 1 0 1 1 0 1 0 0 1 1 1 1 0 1 0 0 0 0 0 1 0 0 1 0 0 1 0 1 0 1 1 0 1 1 0 1 1 1 0 0 1 1 1 0 1 0 1 1 1 1 0 1 0 1 1 1 1 1 0

1

1

1

1

11

13

– +

– –

1 1

11

1 1

14

15

1

16

–{ } Return Q[0]

}1,0,1{ ,20

n

i ii

i ddd

1

1

17

’’

=|r| (

18

Data signal

Response

Control signal

Trigger

signal

Control signal

Measuring

signal

Card reader

19

’

………

20