{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T17:45:58Z","timestamp":1772905558346,"version":"3.50.1"},"publisher-location":"Cham","reference-count":61,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319694528","type":"print"},{"value":"9783319694535","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-69453-5_6","type":"book-chapter","created":{"date-parts":[[2017,10,19]],"date-time":"2017-10-19T08:39:11Z","timestamp":1508402351000},"page":"99-119","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":28,"title":["Attacking Embedded ECC Implementations Through cmov Side Channels"],"prefix":"10.1007","author":[{"given":"Erick","family":"Nascimento","sequence":"first","affiliation":[]},{"given":"\u0141ukasz","family":"Chmielewski","sequence":"additional","affiliation":[]},{"given":"David","family":"Oswald","sequence":"additional","affiliation":[]},{"given":"Peter","family":"Schwabe","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,20]]},"reference":[{"key":"6_CR1","unstructured":"Amaxilatis, D.: A generic algorithms library for heterogeneous, distributed, embedded systems. https:\/\/github.com\/ibr-alg\/wiselib"},{"key":"6_CR2","unstructured":"Aranha, D.F., Gouv\u00eaa, C.P.L.: RELIC is an Efficient LIbrary for Cryptography. https:\/\/github.com\/relic-toolkit\/relic"},{"key":"6_CR3","unstructured":"Atmel. Atmega328P datasheet (2016). http:\/\/www.atmel.com\/devices\/atmega328p.aspx"},{"key":"6_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1007\/978-3-540-28632-5_5","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2004","author":"J-C Bajard","year":"2004","unstructured":"Bajard, J.-C., Imbert, L., Liardet, P.-Y., Teglia, Y.: Leak resistant arithmetic. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 62\u201375. Springer, Heidelberg (2004). doi:10.1007\/978-3-540-28632-5_5"},{"key":"6_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"21","DOI":"10.1007\/978-3-319-13039-2_2","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2014","author":"L Batina","year":"2014","unstructured":"Batina, L., Chmielewski, \u0141., Papachristodoulou, L., Schwabe, P., Tunstall, M.: Online template attacks. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 21\u201336. Springer, Cham (2014). doi:10.1007\/978-3-319-13039-2_2"},{"key":"6_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-319-03515-4_7","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2013","author":"A Bauer","year":"2013","unstructured":"Bauer, A., Jaulmes, \u00c9.: Correlation analysis against protected SFM implementations of RSA. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT 2013. LNCS, vol. 8250, pp. 98\u2013115. Springer, Cham (2013). doi:10.1007\/978-3-319-03515-4_7"},{"key":"6_CR7","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1007\/s12095-014-0111-8","volume":"7","author":"A Bauer","year":"2015","unstructured":"Bauer, A., Jaulmes, \u00c9., Prouff, E., Reinhard, J., Wild, J.: Horizontal collision correlation attack on elliptic curves - extended version -. Cryptogr. Commun. 7, 91\u2013119 (2015)","journal-title":"Cryptogr. Commun."},{"key":"6_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-36095-4_1","volume-title":"Topics in Cryptology \u2013 CT-RSA 2013","author":"A Bauer","year":"2013","unstructured":"Bauer, A., Jaulmes, E., Prouff, E., Wild, J.: Horizontal and vertical side-channel attacks against secure RSA implementations. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 1\u201317. Springer, Heidelberg (2013). doi:10.1007\/978-3-642-36095-4_1"},{"key":"6_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"82","DOI":"10.1007\/978-3-642-29912-4_7","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"S Bauer","year":"2012","unstructured":"Bauer, S.: Attacking exponent blinding in RSA without CRT. In: Schindler, W., Huss, S.A. (eds.) COSADE 2012. LNCS, vol. 7275, pp. 82\u201388. Springer, Heidelberg (2012). doi:10.1007\/978-3-642-29912-4_7"},{"key":"6_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/978-3-662-44709-3_5","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2014","author":"N Benger","year":"2014","unstructured":"Benger, N., van de Pol, J., Smart, N.P., Yarom, Y.: \u201cOoh aah... just a little bit\u201d: a small amount of side channel can go a long way. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 75\u201392. Springer, Heidelberg (2014). doi:10.1007\/978-3-662-44709-3_5"},{"key":"6_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-28632-5_2","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2004","author":"E Brier","year":"2004","unstructured":"Brier, E., Clavier, C., Olivier, F.: Correlation power analysis with a leakage model. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 16\u201329. Springer, Heidelberg (2004). doi:10.1007\/978-3-540-28632-5_2"},{"key":"6_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1007\/3-540-45664-3_24","volume-title":"Public Key Cryptography","author":"\u00c9 Brier","year":"2002","unstructured":"Brier, \u00c9., Joye, M.: Weierstra\u00df elliptic curves and side-channel attacks. In: Naccache, D., Paillier, P. (eds.) PKC 2002. LNCS, vol. 2274, pp. 335\u2013345. Springer, Heidelberg (2002). doi:10.1007\/3-540-45664-3_24"},{"key":"6_CR13","unstructured":"CertiVox. MIRACL Cryptographic SDK. https:\/\/github.com\/CertiVox\/MIRACL"},{"key":"6_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/3-540-36400-5_3","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2002","author":"S Chari","year":"2003","unstructured":"Chari, S., Rao, J.R., Rohatgi, P.: Template attacks. In: Kaliski, B.S., Ko\u00e7, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 13\u201328. Springer, Heidelberg (2003). doi:10.1007\/3-540-36400-5_3"},{"key":"6_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"421","DOI":"10.1007\/978-3-319-15943-0_25","volume-title":"Information Security and Cryptology \u2013 ICISC 2014","author":"C-N Chen","year":"2015","unstructured":"Chen, C.-N.: Memory address side-channel analysis on exponentiation. In: Lee, J., Kim, J. (eds.) ICISC 2014. LNCS, vol. 8949, pp. 421\u2013432. Springer, Cham (2015). doi:10.1007\/978-3-319-15943-0_25"},{"key":"6_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/978-3-319-08302-5_17","volume-title":"Smart Card Research and Advanced Applications","author":"O Choudary","year":"2014","unstructured":"Choudary, O., Kuhn, M.G.: Efficient template attacks. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 253\u2013270. Springer, Cham (2014). doi:10.1007\/978-3-319-08302-5_17"},{"key":"6_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"140","DOI":"10.1007\/978-3-642-34931-7_9","volume-title":"Progress in Cryptology - INDOCRYPT 2012","author":"C Clavier","year":"2012","unstructured":"Clavier, C., Feix, B., Gagnerot, G., Giraud, C., Roussellet, M., Verneuil, V.: ROSETTA for single trace analysis. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 140\u2013155. Springer, Heidelberg (2012). doi:10.1007\/978-3-642-34931-7_9"},{"key":"6_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"46","DOI":"10.1007\/978-3-642-17650-0_5","volume-title":"Information and Communications Security","author":"C Clavier","year":"2010","unstructured":"Clavier, C., Feix, B., Gagnerot, G., Roussellet, M., Verneuil, V.: Horizontal correlation analysis on exponentiation. In: Soriano, M., Qing, S., L\u00f3pez, J. (eds.) ICICS 2010. LNCS, vol. 6476, pp. 46\u201361. Springer, Heidelberg (2010). doi:10.1007\/978-3-642-17650-0_5"},{"key":"6_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1007\/3-540-48059-5_25","volume-title":"Cryptographic Hardware and Embedded Systems","author":"J-S Coron","year":"1999","unstructured":"Coron, J.-S.: Resistance against differential power analysis for elliptic curve cryptosystems. In: Ko\u00e7, \u00c7.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292\u2013302. Springer, Heidelberg (1999). doi:10.1007\/3-540-48059-5_25"},{"key":"6_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1007\/978-3-642-12510-2_6","volume-title":"Smart Card Research and Advanced Application","author":"J-C Courr\u00e8ge","year":"2010","unstructured":"Courr\u00e8ge, J.-C., Feix, B., Roussellet, M.: Simple power analysis on exponentiation revisited. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 65\u201379. Springer, Heidelberg (2010). doi:10.1007\/978-3-642-12510-2_6"},{"issue":"4","key":"6_CR21","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s13389-013-0062-6","volume":"3","author":"J-L Danger","year":"2013","unstructured":"Danger, J.-L., Guilley, S., Hoogvorst, P., Murdica, C., Naccache, D.: A synthesis of side-channel attacks on elliptic curve cryptography in smart-cards. J. Cryptogr. Eng. 3(4), 1\u201325 (2013)","journal-title":"J. Cryptogr. Eng."},{"key":"6_CR22","doi-asserted-by":"crossref","unstructured":"Dugardin, M., Papachristodoulou, L., Najm, Z., Batina, L., Danger, J., Guilley, S., Courr\u00e8ge, J., Therond, C.: Dismantling real-world ECC with horizontal and vertical template attacks. Cryptology ePrint Archive, Report 2015\/1001 (2015)","DOI":"10.1007\/978-3-319-43283-0_6"},{"issue":"2","key":"6_CR23","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1007\/s10623-015-0087-1","volume":"77","author":"M D\u00fcll","year":"2015","unstructured":"D\u00fcll, M., Haase, B., Hinterw\u00e4lder, G., Hutter, M., Paar, C., S\u00e1nchez, A.H., Schwabe, P.: High-speed curve25519 on 8-bit, 16-bit and 32-bit microcontrollers. Des. Codes Crypt. 77(2), 493\u2013514 (2015)","journal-title":"Des. Codes Crypt."},{"key":"6_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1007\/978-3-642-27257-8_7","volume-title":"Smart Card Research and Advanced Applications","author":"V Dupaquis","year":"2011","unstructured":"Dupaquis, V., Venelli, A.: Redundant modular reduction algorithms. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 102\u2013114. Springer, Heidelberg (2011). doi:10.1007\/978-3-642-27257-8_7"},{"key":"6_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"269","DOI":"10.1007\/978-3-540-45238-6_22","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2003","author":"P-A Fouque","year":"2003","unstructured":"Fouque, P.-A., Valette, F.: The doubling attack \u2013 why upwards is better than downwards. In: Walter, C.D., Ko\u00e7, \u00c7.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 269\u2013280. Springer, Heidelberg (2003). doi:10.1007\/978-3-540-45238-6_22"},{"key":"6_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"224","DOI":"10.1007\/978-3-540-77026-8_17","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2007","author":"K Gopalakrishnan","year":"2007","unstructured":"Gopalakrishnan, K., Th\u00e9riault, N., Yao, C.Z.: Solving discrete logarithms from partial knowledge of the key. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 224\u2013237. Springer, Heidelberg (2007). doi:10.1007\/978-3-540-77026-8_17"},{"key":"6_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"431","DOI":"10.1007\/978-3-319-16715-2_23","volume-title":"Topics in Cryptology \u2014 CT-RSA 2015","author":"N Hanley","year":"2015","unstructured":"Hanley, N., Kim, H.S., Tunstall, M.: Exploiting collisions in addition chain-based exponentiation algorithms using a single trace. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 431\u2013448. Springer, Cham (2015). doi:10.1007\/978-3-319-16715-2_23"},{"key":"6_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-00306-6_1","volume-title":"Information Security Applications","author":"C Herbst","year":"2009","unstructured":"Herbst, C., Medwed, M.: Using templates to attack masked montgomery ladder implementations of modular exponentiation. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 1\u201313. Springer, Heidelberg (2009). doi:10.1007\/978-3-642-00306-6_1"},{"key":"6_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1007\/978-3-319-08302-5_6","volume-title":"Smart Card Research and Advanced Applications","author":"J Heyszl","year":"2014","unstructured":"Heyszl, J., Ibing, A., Mangard, S., Santis, F., Sigl, G.: Clustering algorithms for non-profiled single-execution attacks on exponentiations. In: Francillon, A., Rohatgi, P. (eds.) CARDIS 2013. LNCS, vol. 8419, pp. 79\u201393. Springer, Cham (2014). doi:10.1007\/978-3-319-08302-5_6"},{"key":"6_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/978-3-642-27954-6_15","volume-title":"Topics in Cryptology \u2013 CT-RSA 2012","author":"J Heyszl","year":"2012","unstructured":"Heyszl, J., Mangard, S., Heinz, B., Stumpf, F., Sigl, G.: Localized electromagnetic analysis of cryptographic implementations. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 231\u2013244. Springer, Heidelberg (2012). doi:10.1007\/978-3-642-27954-6_15"},{"issue":"6","key":"6_CR31","doi-asserted-by":"publisher","first-page":"795","DOI":"10.1109\/TC.2009.176","volume":"59","author":"N Homma","year":"2010","unstructured":"Homma, N., Miyamoto, A., Aoki, T., Satoh, A., Shamir, A.: Comparative power analysis of modular exponentiation algorithms. IEEE Trans. Comput. 59(6), 795\u2013807 (2010)","journal-title":"IEEE Trans. Comput."},{"key":"6_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/978-3-642-38553-7_9","volume-title":"Progress in Cryptology \u2013 AFRICACRYPT 2013","author":"M Hutter","year":"2013","unstructured":"Hutter, M., Schwabe, P.: NaCl on 8-bit AVR microcontrollers. In: Youssef, A., Nitaj, A., Hassanien, A.E. (eds.) AFRICACRYPT 2013. LNCS, vol. 7918, pp. 156\u2013172. Springer, Heidelberg (2013). doi:10.1007\/978-3-642-38553-7_9"},{"key":"6_CR33","unstructured":"iSec Partners. nano-ecc - a very small ECC implementation for 8-bit microcontrollers (2016). https:\/\/github.com\/iSECPartners\/nano-ecc"},{"key":"6_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/3-540-36400-5_11","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2002","author":"K Itoh","year":"2003","unstructured":"Itoh, K., Izu, T., Takenaka, M.: Address-bit differential power analysis of cryptographic schemes OK-ECDH and OK-ECDSA. In: Kaliski, B.S., Ko\u00e7, K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 129\u2013143. Springer, Heidelberg (2003). doi:10.1007\/3-540-36400-5_11"},{"key":"6_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"382","DOI":"10.1007\/978-3-540-45238-6_30","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2003","author":"K Itoh","year":"2003","unstructured":"Itoh, K., Izu, T., Takenaka, M.: A practical countermeasure against address-bit differential power analysis. In: Walter, C.D., Ko\u00e7, \u00c7.K., Paar, C. (eds.) CHES 2003. LNCS, vol. 2779, pp. 382\u2013396. Springer, Heidelberg (2003). doi:10.1007\/978-3-540-45238-6_30"},{"key":"6_CR36","doi-asserted-by":"crossref","unstructured":"Izumi, M., Ikegami, J., Sakiyama, K., Ohta, K.: Improved countermeasure against address-bit DPA for ECC scalar multiplication. In: 2010 Design, Automation & Test in Europe Conference and Exhibition (DATE 2010), pp. 981\u2013984. IEEE (2010)","DOI":"10.1109\/DATE.2010.5456907"},{"key":"6_CR37","doi-asserted-by":"crossref","unstructured":"Izumi, M., Sakiyama, K., Ohta, K.: A new approach for implementing the MPL method toward higher SPA resistance. In: International Conference on Availability, Reliability and Security, ARES 2009, pp. 181\u2013186. IEEE (2009)","DOI":"10.1109\/ARES.2009.61"},{"key":"6_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/3-540-68697-5_9","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"PC Kocher","year":"1996","unstructured":"Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104\u2013113. Springer, Heidelberg (1996). doi:10.1007\/3-540-68697-5_9"},{"key":"6_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"388","DOI":"10.1007\/3-540-48405-1_25","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"P Kocher","year":"1999","unstructured":"Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388\u2013397. Springer, Heidelberg (1999). doi:10.1007\/3-540-48405-1_25"},{"key":"6_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1007\/978-3-319-16763-3_7","volume-title":"Smart Card Research and Advanced Applications","author":"T Lange","year":"2015","unstructured":"Lange, T., Vredendaal, C., Wakker, M.: Kangaroos in side-channel attacks. In: Joye, M., Moradi, A. (eds.) CARDIS 2014. LNCS, vol. 8968, pp. 104\u2013121. Springer, Cham (2015). doi:10.1007\/978-3-319-16763-3_7"},{"key":"6_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-319-24018-3_11","volume-title":"Information Security Theory and Practice","author":"D-P Le","year":"2015","unstructured":"Le, D.-P., Tan, C.H., Tunstall, M.: Randomizing the montgomery powering ladder. In: Akram, R.N., Jajodia, S. (eds.) WISTP 2015. LNCS, vol. 9311, pp. 169\u2013184. Springer, Cham (2015). doi:10.1007\/978-3-319-24018-3_11"},{"key":"6_CR42","unstructured":"Liu, A., Ning, P.: TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks (Version 1.0). http:\/\/discovery.csc.ncsu.edu\/software\/TinyECC\/ver1.0\/index.html"},{"key":"6_CR43","unstructured":"Mackay, K.: micro-ecc \u2013 ECDH and ECDSA for 8-bit, 32-bit, and 64-bit processors (2016). https:\/\/github.com\/kmackay\/micro-ecc"},{"key":"6_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1007\/978-3-642-00306-6_2","volume-title":"Information Security Applications","author":"M Medwed","year":"2009","unstructured":"Medwed, M., Oswald, E.: Template attacks on ECDSA. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 14\u201327. Springer, Heidelberg (2009). doi:10.1007\/978-3-642-00306-6_2"},{"issue":"177","key":"6_CR45","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1090\/S0025-5718-1987-0866113-7","volume":"48","author":"PL Montgomery","year":"1987","unstructured":"Montgomery, P.L.: Speeding the Pollard and elliptic curve methods of factorization. Math. Comput. 48(177), 243\u2013264 (1987)","journal-title":"Math. Comput."},{"key":"6_CR46","unstructured":"Nascimento, E.: SAC 2016 - Implementation of algorithm for ECDLP with errors based on a time-memory tradeoff (2016). https:\/\/github.com\/enascimento\/SCA-ECC-keyrecovery"},{"key":"6_CR47","unstructured":"Nascimento, E.: SAC 2016 - Targeted Curve25519 implementations for AVR (2016). https:\/\/github.com\/enascimento\/sac2016-avr-target-impls"},{"key":"6_CR48","doi-asserted-by":"crossref","unstructured":"Nascimento, E., Chmielewski, L., Oswald, D., Schwabe, P.: Attacking embedded ECC implementations through cmov side channels (2016). https:\/\/eprint.iacr.org\/2016\/923","DOI":"10.1007\/978-3-319-69453-5_6"},{"key":"6_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/978-3-319-24126-5_17","volume-title":"Security, Privacy, and Applied Cryptography Engineering","author":"E Nascimento","year":"2015","unstructured":"Nascimento, E., L\u00f3pez, J., Dahab, R.: Efficient and secure elliptic curve cryptography for 8-bit AVR microcontrollers. In: Chakraborty, R.S., Schwabe, P., Solworth, J. (eds.) SPACE 2015. LNCS, vol. 9354, pp. 289\u2013309. Springer, Cham (2015). doi:10.1007\/978-3-319-24126-5_17"},{"key":"6_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/978-3-319-19962-7_7","volume-title":"Information Security and Privacy","author":"C Negre","year":"2015","unstructured":"Negre, C., Perin, G.: Trade-off approaches for leak resistant modular arithmetic in RNS. In: Foo, E., Stebila, D. (eds.) ACISP 2015. LNCS, vol. 9144, pp. 107\u2013124. Springer, Cham (2015). doi:10.1007\/978-3-319-19962-7_7"},{"key":"6_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1007\/978-3-319-10175-0_17","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"C O\u2019Flynn","year":"2014","unstructured":"O\u2019Flynn, C., Chen, Z.D.: ChipWhisperer: an open-source platform for hardware embedded security research. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 243\u2013260. Springer, Cham (2014). doi:10.1007\/978-3-319-10175-0_17"},{"key":"6_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/3-540-44709-1_12","volume-title":"Cryptographic Hardware and Embedded Systems \u2014 CHES 2001","author":"K Okeya","year":"2001","unstructured":"Okeya, K., Sakurai, K.: Efficient elliptic curve cryptosystems from a scalar multiplication algorithm with recovery of the y-coordinate on a montgomery-form elliptic curve. In: Ko\u00e7, \u00c7.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 126\u2013141. Springer, Heidelberg (2001). doi:10.1007\/3-540-44709-1_12"},{"key":"6_CR53","unstructured":"Otte, D.: Avr-crypto-lib (2016). https:\/\/git.cryptolib.org\/avr-crypto-lib.git"},{"key":"6_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1007\/978-3-319-31271-2_3","volume-title":"Smart Card Research and Advanced Applications","author":"G Perin","year":"2016","unstructured":"Perin, G., Chmielewski, \u0141.: A semi-parametric approach for side-channel attacks on protected RSA implementations. In: Homma, N., Medwed, M. (eds.) CARDIS 2015. LNCS, vol. 9514, pp. 34\u201353. Springer, Cham (2016). doi:10.1007\/978-3-319-31271-2_3"},{"key":"6_CR55","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/978-3-319-10175-0_11","volume-title":"Constructive Side-Channel Analysis and Secure Design","author":"G Perin","year":"2014","unstructured":"Perin, G., Imbert, L., Torres, L., Maurine, P.: Attacking randomized exponentiations using unsupervised learning. In: Prouff, E. (ed.) COSADE 2014. LNCS, vol. 8622, pp. 144\u2013160. Springer, Cham (2014). doi:10.1007\/978-3-319-10175-0_11"},{"key":"6_CR56","unstructured":"Sigma. ECDSA and ECDH cryptographic algorithms for 8-bit AVR microcontrollers. http:\/\/www.cmmsigma.eu\/products\/crypto\/crs_avr010x.en.html"},{"key":"6_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"286","DOI":"10.1007\/3-540-44709-1_24","volume-title":"Cryptographic Hardware and Embedded Systems \u2014 CHES 2001","author":"CD Walter","year":"2001","unstructured":"Walter, C.D.: Sliding windows succumbs to big mac attack. In: Ko\u00e7, \u00c7.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 286\u2013299. Springer, Heidelberg (2001). doi:10.1007\/3-540-44709-1_24"},{"key":"6_CR58","unstructured":"Wang, H.: WM-ECC is an Elliptic Curve Cryptography (ECC) primitive suite developed exclusively for wireless sensor motes. http:\/\/cis.csuohio.edu\/~hwang\/WMECC.html"},{"key":"6_CR59","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"244","DOI":"10.1007\/978-3-319-03515-4_16","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2013","author":"E Wenger","year":"2013","unstructured":"Wenger, E., Unterluggauer, T., Werner, M.: 8\/16\/32 shades of elliptic curve cryptography on embedded processors. In: Paul, G., Vaudenay, S. (eds.) INDOCRYPT 2013. LNCS, vol. 8250, pp. 244\u2013261. Springer, Cham (2013). doi:10.1007\/978-3-319-03515-4_16"},{"key":"6_CR60","unstructured":"wolfSSL. Embedded Web Server for AVR. https:\/\/www.wolfssl.com\/wolfSSL\/Blog\/Entries\/2010\/11\/16_Embedded_Web_Server_for_AVR.html"},{"key":"6_CR61","doi-asserted-by":"crossref","unstructured":"Zhang, Z., Wu, L., Mu, Z., Zhang, X.: A novel template attack on wNAF algorithm of ECC. In: 2014 Tenth International Conference on Computational Intelligence and Security (CIS), pp. 671\u2013675. IEEE (2014)","DOI":"10.1109\/CIS.2014.66"}],"container-title":["Lecture Notes in Computer Science","Selected Areas in Cryptography \u2013 SAC 2016"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-69453-5_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,10,18]],"date-time":"2021-10-18T02:01:16Z","timestamp":1634522476000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-69453-5_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319694528","9783319694535"],"references-count":61,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-69453-5_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"20 October 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SAC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Selected Areas in Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"St. John's","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Canada","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 August 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 August 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sacrypt2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.engr.mun.ca\/~sac2016\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}