First-order side channel attacks on Zhang’s countermeasures

Zhang’s three countermeasures are known to be secure against certain first-order side channel attacks such as differential power analysis and correlation power analysis. This security comes from the countermeasures’ use of random points to blind the message and random integers to blind the secret scalar. In this paper, we propose first-order side channel attack methods that can perfectly break these three countermeasures. Even though Zhang’s countermeasures use random points and random integers our attacks are made possible by the fact that intermediate values computed by these countermeasures are dependent on specific values that we can guess. The experimental results verify that the proposed attack methods can successfully break existing countermeasures.