On XTR and Side-Channel AnalysisDan Page, Martijn Stam, On XTR and Side-Channel Analysis. Selected Areas in Cryptography (SAC 2004). ISBN 3-540-24327-5, pp. 54–68. January 2005. No electronic version available.
Over the past few years, there has been a large volume of work on both attacking elliptic curve cryptosystems (ECC) using side-channel analysis and the development of related defence methods. Lenstra and Verheul recently introduced XTR, a cryptosystem that can compete with ECC in terms of processing and bandwidth requirements. These properties make XTR ideal for use on smart-cards, the devices that suffer most from vulnerability to side-channel attack. However, there are relatively few papers investigating the side-channel security of XTR and although some ECC techniques can be re-used, there are also notable differences. We aim to fill this gap in the literature. We present the first known SPA attack against XTR double exponentiation and two defence methods against such an attack. We also investigate methods of defending XTR against DPA attack.