Section: New Results

Computer Arithmetic

Together with Laurent Imbert (LIRMM, France), we designed in [13] an attack against a recently published randomized elliptic-curve scalar multiplication scheme based on covering systems of congruences. We also proposed a more robust algorithm based on a mixed-radix representation of the scalar. However, under strong security hypotheses, this algorithm may still allow a virtual powerful attacker to recover much more information than what was first expected. This led us to the conclusion that randomized algorithms based on the mixed-radix number system should be avoided.