{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,3,31]],"date-time":"2022-03-31T06:01:19Z","timestamp":1648706479995},"reference-count":43,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2010,10,20]],"date-time":"2010-10-20T00:00:00Z","timestamp":1287532800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2011,4]]},"DOI":"10.1007\/s00145-010-9087-5","type":"journal-article","created":{"date-parts":[[2010,10,19]],"date-time":"2010-10-19T14:37:34Z","timestamp":1287499054000},"page":"346-374","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Fault-Based Attack on Montgomery\u2019s Ladder Algorithm"],"prefix":"10.1007","volume":"24","author":[{"given":"Agustin","family":"Dominguez-Oviedo","sequence":"first","affiliation":[]},{"given":"M. Anwar","family":"Hasan","sequence":"additional","affiliation":[]},{"given":"Bijan","family":"Ansari","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2010,10,20]]},"reference":[{"key":"9087_CR1","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/3-540-36288-6_16","volume-title":"PKC 2003: Public Key Cryptography","author":"A. Antipa","year":"2003","unstructured":"A. Antipa, D.R.L. Brown, A. Menezes, R. Struik, S.A. Vanstone, Validation of elliptic curve public keys, in PKC 2003: Public Key Cryptography. LNCS, vol.\u00a02567 (Springer, Berlin, 2003), pp.\u00a0211\u2013223"},{"key":"9087_CR2","unstructured":"A. Becker, Methods of fault analysis attacks on elliptic curve cryptosystems. Diploma thesis, Technische Universit\u00e4t Darmstadt (2006)"},{"key":"9087_CR3","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"131","DOI":"10.1007\/3-540-44598-6_8","volume-title":"CRYPTO 2000: Advances in Cryptology","author":"I. Biehl","year":"2000","unstructured":"I. Biehl, B. Meyer, V. M\u00fcller, Differential fault attacks on elliptic curve cryptosystems, in CRYPTO 2000: Advances in Cryptology. LNCS, vol.\u00a01880 (Springer, Berlin, 2000), pp.\u00a0131\u2013146"},{"key":"9087_CR4","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1007\/11889700_4","volume-title":"FDTC 2005: Fault Diagnosis and Tolerance in Cryptography","author":"J. Bl\u00f6mer","year":"2006","unstructured":"J. Bl\u00f6mer, M. Otto, J.-P. Seifert, Sign change attacks on elliptic curve cryptosystems, in FDTC 2005: Fault Diagnosis and Tolerance in Cryptography. LNCS, vol.\u00a04236 (Springer, Berlin, 2006), pp.\u00a036\u201342"},{"issue":"2","key":"9087_CR5","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/s001450010016","volume":"14","author":"D. Boneh","year":"2001","unstructured":"D. Boneh, R.A. DeMillo, R.J. Lipton, On the importance of eliminating errors in cryptographic computations. J.\u00a0Cryptol.\n                           14(2), 101\u2013119 (2001)","journal-title":"J.\u00a0Cryptol."},{"key":"9087_CR6","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"335","DOI":"10.1007\/3-540-45664-3_24","volume-title":"Public Key Cryptography","author":"E. Brier","year":"2002","unstructured":"E. Brier, M. Joye, Weierstra\u00df elliptic curves and side-channel attacks, in Public Key Cryptography. LNCS, vol.\u00a02274 (Springer, Berlin, 2002), pp.\u00a0335\u2013345"},{"issue":"1","key":"9087_CR7","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/s10623-003-1160-8","volume":"36","author":"M. Ciet","year":"2005","unstructured":"M. Ciet, M. Joye, Elliptic curve cryptosystems in the presence of permanent and transient faults. Des. Codes Cryptogr.\n                           36(1), 33\u201343 (2005)","journal-title":"Des. Codes Cryptogr."},{"issue":"6","key":"9087_CR8","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","volume":"22","author":"W. Diffie","year":"1976","unstructured":"W. Diffie, M.E. Hellman, New directions in cryptography. IEEE Trans. Inf. Theory\n                           22(6), 644\u2013654 (1976)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"9087_CR9","unstructured":"A. Dom\u00ednguez-Oviedo, M.A. Hasan, Algorithm-level error detection for ECSM. CACR Technical Reports CACR 2009-05, University of Waterloo, Tech. Rep. (2009)"},{"key":"9087_CR10","doi-asserted-by":"publisher","first-page":"175","DOI":"10.1109\/TDSC.2008.21","volume":"6","author":"A. Dom\u00ednguez-Oviedo","year":"2009","unstructured":"A. Dom\u00ednguez-Oviedo, M.A. Hasan, Error detection and fault tolerance in ECSM using input randomization. IEEE Trans. Dependable Secure Comput.\n                           6, 175\u2013187 (2009)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"4","key":"9087_CR11","doi-asserted-by":"publisher","first-page":"469","DOI":"10.1109\/TIT.1985.1057074","volume":"31","author":"T. ElGamal","year":"1985","unstructured":"T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory\n                           31(4), 469\u2013472 (1985)","journal-title":"IEEE Trans. Inf. Theory"},{"issue":"2","key":"9087_CR12","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/BF02351717","volume":"1","author":"U. Feige","year":"1988","unstructured":"U. Feige, A. Fiat, A. Shamir, Zero-knowledge proofs of identity. J.\u00a0Cryptol.\n                           1(2), 77\u201394 (1988)","journal-title":"J.\u00a0Cryptol."},{"key":"9087_CR13","unstructured":"FIPS 186 Digital Signature Standard (DSS). Federal Information Processing Standards Publication 186. National Institute for Standards and Technology (1994)"},{"key":"9087_CR14","doi-asserted-by":"publisher","first-page":"92","DOI":"10.1109\/FDTC.2008.15","volume-title":"Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography","author":"P.-A. Fouque","year":"2008","unstructured":"P.-A. Fouque, R. Lercier, D. R\u00e9al, F. Valette, Fault attack on elliptic curve Montgomery ladder implementation, in Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography (2008), pp.\u00a092\u201398"},{"key":"9087_CR15","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1109\/FDTC.2008.17","volume-title":"FDTC \u201908: Proceedings of the 2008 5th Workshop on Fault Diagnosis and Tolerance in Cryptography","author":"J. Francq","year":"2008","unstructured":"J. Francq, J.-B. Rigaud, P. Manet, A. Tria, A. Tisserand, Error detection for borrow-save adders dedicated to ECC unit, in FDTC \u201908: Proceedings of the 2008 5th Workshop on Fault Diagnosis and Tolerance in Cryptography (IEEE Computer Society, Washington, 2008), pp.\u00a077\u201386"},{"key":"9087_CR16","doi-asserted-by":"crossref","first-page":"128","DOI":"10.1007\/978-3-642-56755-1_13","volume-title":"Proceedings of the Fifth International Conference on Finite Fields and Applications","author":"G. Frey","year":"2001","unstructured":"G. Frey, Applications of arithmetical geometry to cryptographic constructions, in Proceedings of the Fifth International Conference on Finite Fields and Applications (Springer, Berlin, 2001), pp.\u00a0128\u2013161"},{"issue":"232","key":"9087_CR17","doi-asserted-by":"crossref","first-page":"1699","DOI":"10.1090\/S0025-5718-99-01119-9","volume":"69","author":"R. Gallant","year":"2000","unstructured":"R. Gallant, R. Lambert, S. Vanstone, Improving the parallelized Pollard lambda search on anomalous binary curves. Math. Comput.\n                           69(232), 1699\u20131705 (2000)","journal-title":"Math. Comput."},{"issue":"1","key":"9087_CR18","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/s00145-001-0011-x","volume":"15","author":"P. Gaudry","year":"2002","unstructured":"P. Gaudry, F. Hess, N.P. Smart, Constructive and destructive facets of Weil descent on elliptic curves. J.\u00a0Cryptol.\n                           15(1), 19\u201346 (2002)","journal-title":"J.\u00a0Cryptol."},{"key":"9087_CR19","volume-title":"Guide to Elliptic Curve Cryptography","author":"D. Hankerson","year":"2003","unstructured":"D. Hankerson, A. Menezes, S.A. Vanstone, Guide to Elliptic Curve Cryptography (Springer, Berlin, 2003)"},{"key":"9087_CR20","series-title":"LNCS","first-page":"291","volume-title":"CHES 2002","author":"M. Joye","year":"2002","unstructured":"M. Joye, S.-M. Yen, The Montgomery powering ladder, in CHES 2002. LNCS (Springer, Berlin, 2002), pp.\u00a0291\u2013302"},{"key":"9087_CR21","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1090\/S0025-5718-1987-0866109-5","volume":"48","author":"N. Koblitz","year":"1987","unstructured":"N. Koblitz, Elliptic curve cryptosystems. Math. Comput.\n                           48, 203\u2013209 (1987)","journal-title":"Math. Comput."},{"key":"9087_CR22","series-title":"LNCS","first-page":"316","volume-title":"CHES 1999: Cryptographic Hardware and Embedded Systems","author":"J. L\u00f3pez","year":"1999","unstructured":"J. L\u00f3pez, R. Dahab, Fast multiplication on elliptic curves over GF(2\n                    m\n                  ) without precomputation, in CHES 1999: Cryptographic Hardware and Embedded Systems. LNCS, vol.\u00a01717 (Springer, Berlin, 1999), pp.\u00a0316\u2013327"},{"key":"9087_CR23","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1112\/S1461157000000723","volume":"5","author":"M. Maurer","year":"2002","unstructured":"M. Maurer, A. Menezes, E. Teske, Analysis of the GHS Weil descent attack on the ECDLP over characteristic two finite fields of composite degree. LMS J. Comput. Math.\n                           5, 127\u2013174 (2002)","journal-title":"LMS J. Comput. Math."},{"issue":"5","key":"9087_CR24","doi-asserted-by":"publisher","first-page":"1639","DOI":"10.1109\/18.259647","volume":"39","author":"A. Menezes","year":"1993","unstructured":"A. Menezes, T. Okamoto, S.A. Vanstone, Reducing elliptic curve logarithms to logarithms in a finite field. IEEE Trans. Inf. Theory\n                           39(5), 1639\u20131646 (1993)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"9087_CR25","volume-title":"Handbook of Applied Cryptography","author":"A. Menezes","year":"2001","unstructured":"A. Menezes, P.C. van Oorschot, S.A. Vanstone, Handbook of Applied Cryptography (CRC Press, Boca Raton, 2001)"},{"key":"9087_CR26","series-title":"LNCS","first-page":"417","volume-title":"CRYPTO 1985: Advances in Cryptology","author":"V.S. Miller","year":"1986","unstructured":"V.S. Miller, Use of elliptic curves in cryptography, in CRYPTO 1985: Advances in Cryptology. LNCS, vol.\u00a0218 (Springer, Berlin, 1986), pp.\u00a0417\u2013426"},{"key":"9087_CR27","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1090\/S0025-5718-1987-0866113-7","volume":"48","author":"P.L. Montgomery","year":"1987","unstructured":"P.L. Montgomery, Speeding the Pollard and elliptic curve methods of factorization. Math. Comput.\n                           48, 243\u2013264 (1987)","journal-title":"Math. Comput."},{"key":"9087_CR28","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/3-540-44709-1_12","volume-title":"CHES 2001: Cryptographic Hardware and Embedded Systems","author":"K. Okeya","year":"2001","unstructured":"K. Okeya, K. Sakurai, Efficient elliptic curve cryptosystems from a scalar multiplication algorithm with recovery of the y-coordinate on a Montgomery-form elliptic curve, in CHES 2001: Cryptographic Hardware and Embedded Systems. LNCS, vol.\u00a02162 (Springer, Berlin, 2001), pp.\u00a0126\u2013141"},{"key":"9087_CR29","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1109\/TIT.1978.1055817","volume":"24","author":"S. Pohlig","year":"1978","unstructured":"S. Pohlig, M. Hellman, An improved algorithm for computing logarithms over GF(p) and its cryptographic significance. IEEE Trans. Inf. Theory\n                           24, 106\u2013110 (1978)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"9087_CR30","first-page":"918","volume":"32","author":"J.M. Pollard","year":"1978","unstructured":"J.M. Pollard, Monte Carlo methods for index computation (mod p). Math. Comput.\n                           32, 918\u2013924 (1978)","journal-title":"Math. Comput."},{"key":"9087_CR31","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1109\/IOLTS.2009.5196010","volume-title":"IEEE International On-Line Testing Symposium","author":"S. Pontarelli","year":"2009","unstructured":"S. Pontarelli, G. Cardarilli, M. Re, A. Salsano, Error detection in addition chain based ECC point multiplication, in IEEE International On-Line Testing Symposium (2009), pp.\u00a0192\u2013194"},{"key":"9087_CR32","unstructured":"M.O. Rabin, Digitalized signatures and public-key functions as intractable as factorization. Cambridge, MA, USA, Tech. Rep. (1979)"},{"issue":"2","key":"9087_CR33","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1145\/359340.359342","volume":"21","author":"R.L. Rivest","year":"1978","unstructured":"R.L. Rivest, A. Shamir, L. Adleman, A\u00a0method for obtaining digital signatures and public-key cryptosystems. Commun. ACM\n                           21(2), 120\u2013126 (1978)","journal-title":"Commun. ACM"},{"issue":"179","key":"9087_CR34","doi-asserted-by":"crossref","first-page":"301","DOI":"10.1090\/S0025-5718-1987-0890272-3","volume":"49","author":"H.-G. R\u00fcck","year":"1987","unstructured":"H.-G. R\u00fcck, A\u00a0note on elliptic curves over finite fields. Math. Comput.\n                           49(179), 301\u2013304 (1987)","journal-title":"Math. Comput."},{"key":"9087_CR35","first-page":"81","volume":"47","author":"T. Satoh","year":"1998","unstructured":"T. Satoh, K. Araki, Fermat quotients and the polynomial time discrete log algorithm for anomalous elliptic curves. Comment. Math. Univ. St. Pauli\n                           47, 81\u201392 (1998)","journal-title":"Comment. Math. Univ. St. Pauli"},{"key":"9087_CR36","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1016\/S1071-5797(02)00013-8","volume":"9","author":"T. Satoh","year":"2003","unstructured":"T. Satoh, B. Skjernaa, Y. Taguchi, Fast computation of canonical lifts of elliptic curves and its application to point counting. Finite Fields Appl.\n                           9, 89\u2013101 (2003)","journal-title":"Finite Fields Appl."},{"issue":"3","key":"9087_CR37","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1007\/BF00196725","volume":"4","author":"C.-P. Schnorr","year":"1991","unstructured":"C.-P. Schnorr, Efficient signature generation by smart cards. J.\u00a0Cryptol.\n                           4(3), 161\u2013174 (1991)","journal-title":"J.\u00a0Cryptol."},{"issue":"170","key":"9087_CR38","first-page":"483","volume":"44","author":"R. Schoof","year":"1985","unstructured":"R. Schoof, Elliptic curves over finite fields and the computation of square roots mod\u00a0p. Math. Comput.\n                           44(170), 483\u2013494 (1985)","journal-title":"Math. Comput."},{"key":"9087_CR39","doi-asserted-by":"publisher","first-page":"353","DOI":"10.1090\/S0025-5718-98-00887-4","volume":"67","author":"I.A. Semaev","year":"1998","unstructured":"I.A. Semaev, Evaluation of discrete logarithms in a group of p-torsion points of an elliptic curve in characteristic\u00a0p. Math. Comput.\n                           67, 353\u2013356 (1998)","journal-title":"Math. Comput."},{"key":"9087_CR40","first-page":"415","volume-title":"Proceedings of the Symposium in Pure Mathematics","author":"D. Shanks","year":"1971","unstructured":"D. Shanks, Class number, a theory of factorization, and genera, in Proceedings of the Symposium in Pure Mathematics, vol.\u00a020 (American Mathematical Society, Providence, 1971), pp.\u00a0415\u2013440"},{"key":"9087_CR41","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1007\/3-540-36400-5_2","volume-title":"CHES 2002: Cryptographic Hardware and Embedded Systems","author":"S. Skiribogatov","year":"2002","unstructured":"S. Skiribogatov, R. Anderson, Optical fault induction attacks, in CHES 2002: Cryptographic Hardware and Embedded Systems. LNCS, vol.\u00a02523 (Springer, Berlin, 2002), pp.\u00a02\u201312"},{"key":"9087_CR42","doi-asserted-by":"publisher","first-page":"112","DOI":"10.1109\/FDTC.2007.17","volume-title":"FDTC \u201907: Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography","author":"R. Stern","year":"2007","unstructured":"R. Stern, N. Joshi, K. Wu, R. Karri, Register transfer level concurrent error detection in elliptic curve crypto implementations, in FDTC \u201907: Proceedings of the Workshop on Fault Diagnosis and Tolerance in Cryptography (IEEE Computer Society, Washington, 2007), pp.\u00a0112\u2013119"},{"issue":"1","key":"9087_CR43","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/PL00003816","volume":"12","author":"P.C. van Oorschot","year":"1999","unstructured":"P.C. van Oorschot, M.J. Wiener, Parallel collision search with cryptanalytic applications. J.\u00a0Cryptol.\n                           12(1), 1\u201328 (1999)","journal-title":"J.\u00a0Cryptol."}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-010-9087-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-010-9087-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-010-9087-5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-010-9087-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,4,8]],"date-time":"2020-04-08T08:46:23Z","timestamp":1586335583000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-010-9087-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010,10,20]]},"references-count":43,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2011,4]]}},"alternative-id":["9087"],"URL":"https:\/\/doi.org\/10.1007\/s00145-010-9087-5","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,10,20]]},"assertion":[{"value":"1 September 2009","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 October 2010","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}