/* generation

/* Assignment of a and b to fa and fb */

sage: fa.fe_getValue() /* fa as a 32-bit word */

491466816

sage: fc = fe_reg

sage: fc.fe_change(fb)

/* modification of fc and return of the HW distance */

/* Trace of the multiplication and the addition */

sage: fc = rmul(fa,fb,hw_mul,rk) /* Modular multiplication */

sage: fd = radd(fa,fb,hw_add,rk) /* Modular addition */

sage: fc.fe_getValue(

196043332

/* Creation of an SSA line for the variable t0 */

sage: t0

E = radd

t2 = radd

Rsub

At the end of the SM, Consequently, this trace must undergo a final transformation. This modification consists of computing the HW variations between the consecutive values present in the trace, and yields a trace of the ac-XZ. Other curve types and coordinate types could be added to the simulator. In addition, a graphical interface would simplify use of the simulator for wider adoption, the trace obtained contains only the values of the words at the inputs of the arithmetic units, and not the HW variations

D. Agrawal, B. Archambeault, J. R. Rao, and P. Rohatgi, The EM Side-Channel(s), Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.29-45, 2002.

T. Akishita and T. Takagi, Zero-Value Point Attacks on Elliptic Curve Cryptosystem, Proc. Information Security -ISC, pp.218-233, 2003.

F. Amiel, B. Feix, M. Tunstall, C. Whelan, and W. P. Marnane, Distinguishing Multiplications from Squaring Operations, Proc. Selected Areas in Cryptography -SAC, pp.346-360, 2008.

F. Bao, R. H. Deng, and Y. Han, Breaking Public Key Cryptosystems on Tamper Resistant Devices in the Presence of Transient Faults, Proc. Security Protocols, pp.115-124, 1997.

H. Bar-El, H. Choukri, D. Naccache, M. Tunstall, and C. Whelan, The sorcerer's apprentice guide to fault attacks, Proceedings of the IEEE, vol.94, issue.2, pp.370-382, 2006.

P. Barrett, Implementing the Rivest Shamir and Adleman Public Key Encryption Algorithm on a Standard Digital Signal Processor, Advances in Cryptology -CRYPTO, pp.311-323, 1987.

J. M. Berger, A Note on Burst Detecting Sum Codes, Information and Control, vol.4, issue.2-3, pp.297-299, 1961.

D. J. Bernstein, Curve25519 : New Diffie-Hellman Speed Records, Proc. Public Key Cryptography -PKC, pp.207-228, 2006.

D. J. Bernstein and T. Lange, Explicit-formulas database

D. J. Bernstein and T. Lange, SafeCurves

I. Biehl, B. Meyer, and V. Müller, Differential Fault Attacks on Elliptic Curve Cryptosystems, Proc. Advances in Cryptology -CRYPTO, pp.131-146, 2000.

E. Biham and A. Shamir, Differential Fault Analysis of Secret Key Cryptosystems, Proc. Advances in Cryptology, pp.513-525, 1997.

J. Blömer and V. Krummel, Fault Based Collision Attacks on AES, Proc. Fault Diagnosis and Tolerance in Cryptography -FDTC, pp.106-120, 2006.

J. Blömer, M. Otto, and J. Seifert, Sign Change Fault Attacks on Elliptic Curve Cryptosystems, Proc. Fault Diagnosis and Tolerance in Cryptography -FDTC, pp.36-52, 2006.

D. Boneh, R. A. DeMillo, and R. J. Lipton, On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract), Proc. Advances in Cryptology -EUROCRYPT, pp.37-51, 1997.

L. Breveglieri, I. Koren, P. Maistri, and M. Ravasio, Incorporating Error Detection in an RSA Architecture, Proc. Fault Diagnosis and Tolerance in Cryptography -FDTC, pp.71-79, 2006.

E. Brier, C. Clavier, and F. Olivier, Correlation Power Analysis with a Leakage Model, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.16-29, 2004.
URL : https://hal.archives-ouvertes.fr/hal-02487026

E. Brier and M. Joye, Weierstraß Elliptic Curves and Side-Channel Attacks, Proc. Public Key Cryptography -PKC, pp.335-345, 2002.

D. Brumley and D. Boneh, Remote Timing Attacks are Practical, Computer Networks, vol.48, issue.5, pp.701-716, 2005.

E. Cagli, C. Dumas, and E. Prouff, Convolutional Neural Networks with Data Augmentation Against Jitter-Based Countermeasures -Profiling Attacks Without Pre-processing, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.45-68, 2017.

G. Canivet, Analysis of faulted-based attack effects and secure design on a reconfigurable platform. Theses, Institut National Polytechnique de Grenoble -INPG, pp.978-980, 2009.
URL : https://hal.archives-ouvertes.fr/tel-00422660

J. Cathalo, F. Koeune, and J. Quisquater, A New Type of Timing Attack : Application to GPS, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.291-303, 2003.

S. Chari, J. R. Rao, and P. Rohatgi, Template Attacks, Cryptographic Hardware and Embedded Systems -CHES, pp.13-28, 2002.

B. Chevallier-Mames, Self-Randomized Exponentiation Algorithms, Proc. The Cryptographers' Track at the RSA -CT-RSA, pp.236-249, 2004.

B. Chevallier-Mames, M. Ciet, and M. Joye, Low-Cost Solutions for Preventing Simple Side-Channel Analysis : Side-Channel Atomicity, IEEE Trans. Computers, vol.53, issue.6, pp.760-768, 2004.

M. Ciet and M. Joye, Elliptic Curve Cryptosystems in the Presence of Permanent and Transient Faults, Des. Codes Cryptography, vol.36, issue.1, pp.33-43, 2005.

M. Ciet and M. Joye, (Virtually) Free Randomization Techniques for Elliptic Curve Cryptography, Proc. Information and Communications Security -ICICS, pp.348-359, 2003.

C. Clavier, De la sécurité physique des crypto-systèmes embarqués. PhD thesis, 2007.

C. Clavier, B. Feix, G. Gagnerot, C. Giraud, M. Roussellet, and V. Verneuil, ROSETTA for Single Trace Analysis, Proc. Conference on Cryptology in India -INDOCRYPT, pp.140-155, 2012.

C. Clavier and B. Feix, Horizontal Correlation Analysis on Exponentiation, Proc. Information and Communications Security -ICICS, pp.46-61, 2010.
URL : https://hal.archives-ouvertes.fr/inria-00540384

C. Clavier and M. Joye, Universal Exponentiation Algorithm, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.300-308, 2001.
URL : https://hal.archives-ouvertes.fr/hal-02487050

H. Cohen and G. Frey, Handbook of Elliptic and Hyperelliptic Curve Cryptography. Discrete Maths and Applications, 2005.

S. A. Cook, On the Minimum Computation Time of Functions, 1966.

J. Coron, Resistance against Differential Power Analysis for Elliptic Curve Cryptosystems, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.292-302, 1999.

R. Crandall, Method and apparatus for public key exchange in a cryptographic system, 1992.

J. Danger, S. Guilley, P. Hoogvorst, C. Murdica, and D. Naccache, Improving the Big Mac Attack on Elliptic Curve Cryptography, The New Codebreakers -Essays Dedicated to David Kahn on the Occasion of His 85th Birthday, vol.9100, pp.374-386, 2016.

D. J. Bernstein, T. Lange, and P. Schwabe,

N. Debande, Y. Souissi, M. Nassar, S. Guilley, T. Le et al., "Re-synchronization by moments" : An efficient solution to align Side-Channel traces, IEEE International Workshop on Information Forensics and Security, WIFS, pp.1-6, 2011.

A. Dehbaoui, Injection of transient faults using electromagnetic pulses -Practical results on a cryptographic system-. IACR Cryptology ePrint Archive, p.123, 2012.

J. Dhem, F. Koeune, P. Leroux, P. Mestré, J. Quisquater et al., A Practical Implementation of the Timing Attack, Proc. Smart Card Research and Applications, pp.167-182, 1998.

W. Diffie and M. Hellman, New directions in cryptography, IEEE Transactions on Information Theory, vol.22, issue.6, pp.644-654, 1976.

V. S. Dimitrov, G. A. Jullien, and W. C. Miller, An algorithm for modular exponentiation, Information Processing Letters, vol.66, issue.3, pp.155-159, 1998.

H. Dong, Modified Berger Codes for Detection of Unidirectional Errors, IEEE Trans. Computers, vol.33, issue.6, pp.572-575, 1984.

H. M. Edwards, A Normal form for elliptic curves, Bulletin (New Series) of the American Mathematical Society, vol.44, issue.3, pp.393-422, 2007.

M. D. Ercegovac and T. Lang, Digital Arithmetic, 2003.
URL : https://hal.archives-ouvertes.fr/ensl-00542215

P. Fouque, D. Réal, F. Valette, and M. Drissi, The Carry Leakage on the Randomized Exponent Countermeasure, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.198-213, 2008.
URL : https://hal.archives-ouvertes.fr/hal-00538489

P. Fouque and F. Valette, The Doubling Attack -Why Upwards Is Better than Downwards, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.269-280, 2003.
URL : https://hal.archives-ouvertes.fr/inria-00563965

P.-A. Fouque, F. Muller, G. Poupard, and F. Valette, Defeating Countermeasures Based on Randomized BSD Representations, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.312-327, 2004.

J. Francq, Design and Securization of High-Performance Arithmetic Units for ECC, 2009.
URL : https://hal.archives-ouvertes.fr/tel-00483568

C. H. Gebotys and R. J. Gebotys, Secure Elliptic Curve Implementations : An Analysis of Resistance to Power-Attacks in a DSP Processor, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.114-128, 2002.

D. Genkin, A. Shamir, and E. Tromer, Acoustic Cryptanalysis, J. Cryptology, vol.30, issue.2, pp.392-443, 2017.

B. Gierlichs, L. Batina, and P. Tuyls, Mutual Information Analysis -A Generic Side-Channel Distinguisher attack, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.426-442, 2008.

C. Giraud and V. Verneuil, Atomicity Improvement for Elliptic Curve Scalar Multiplication, Proc. Smart Card Research and Advanced Application -CARDIS, pp.80-101, 2010.
URL : https://hal.archives-ouvertes.fr/hal-01056098

R. Giterman, O. Keren, and A. Fish, A 7T security oriented SRAM bitcell, IEEE Transactions on Circuits and Systems-II : Express Briefs, vol.66, issue.8, pp.1396-1400, 2019.

L. Goubin, A Refined Power-Analysis Attack on Elliptic Curve Cryptosystems, Proc. Public Key Cryptography -PKC, pp.199-210, 2003.

S. Guilley, K. Khalfallah, V. Lomné, and J. Danger, Formal Framework for the Evaluation of Waveform Resynchronization Algorithms, Information Security Theory and Practice. Security and Privacy of Mobile Devices in Wireless Communication -WISTP, pp.100-115, 2011.
URL : https://hal.archives-ouvertes.fr/hal-01573296

J. Ha and S. Moon, Randomized Signed-Scalar Multiplication of ECC to Resist Power Attacks, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.551-563, 2002.

R. W. Hamming, Error Detecting and Error Correcting Codes, The Bell System Technical Journal, vol.29, issue.2, pp.147-160, 1950.

D. Hankerson, A. Menezes, and S. Vanstone, Guide to Elliptic Curve Cryptography, Springer, 2004.

Y. Hayashi, N. Homma, T. Sugawara, and more authors, Non-invasive EMI-based fault injection attack against cryptographic modules, Proc. Electromagnetic Compatibility EMC, pp.763-767, 2011.

N. Homma, A. Miyamoto, and T. Aoki, Comparative Power Analysis of Modular Exponentiation Algorithms, IEEE Trans. Computers, vol.59, issue.6, pp.795-807, 2010.

N. Homma, A. Miyamoto, T. Aoki, A. Satoh, and A. Shamir, Comparative Power Analysis of Modular Exponentiation Algorithms, IEEE Trans. Computers, vol.59, issue.6, pp.795-807, 2010.

N. Homma, S. Nagashima, Y. Imai, T. Aoki, and A. Satoh, High-Resolution Side-Channel Attack Using Phase-Based Waveform Matching, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.187-200, 2006.

M. Y. Hsiao, A Class of Optimal Minimum Odd-weight-column SEC-DED Codes, IBM Journal of Research and Development, vol.14, issue.4, pp.395-401, 1970.

M. Hutter and J. Schmidt, The Temperature Side Channel and Heating Fault Attacks, Proc. Smart Card Research and Advanced Applications, pp.219-235, 2013.

M. Hutter and P. Schwabe, NaCl on 8-bit AVR Microcontrollers, Proc. AFRICACRYPT, pp.156-172, 2013.

M. Hutter, P. Schwabe, G. Hinterwälderand-björn, A. H. Haase, and . Sánchez,

I. Mines, -. , and T. Paristech, DPA contest

K. Itoh, T. Izu, and M. Takenaka, Address-Bit Differential Power Analysis of Cryptographic Schemes OK-ECDH and OK-ECDSA, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.129-143, 2002.

T. Izu, B. Möller, and T. Takagi, Improved Elliptic Curve Multiplication Methods Resistant against Side Channel Attacks, Proc. Progress in Cryptology -INDOCRYPT, pp.296-313, 2002.

T. Izu and T. Takagi, Exceptional Procedure Attack on Elliptic Curve Cryptosystems, Proc. Public Key Cryptography -PKC, pp.224-239, 2003.

D. Johnson, A. Menezes, and S. Vanstone, The Elliptic Curve Digital Signature Algorithm (ECDSA), International Journal of Information Security, vol.1, issue.1, pp.36-63, 2001.

M. Joye, Highly Regular Right-to-Left Algorithms for Scalar Multiplication, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.135-147, 2007.

A. Karatsuba and Y. Ofman, Multiplication of multi-digit numbers on automata (in Russian), Doklady Akad. Nauk SSSR, vol.145, issue.2, pp.293-294, 1962.

C. Karlof and D. A. Wagner, Hidden Markov Model Cryptanalysis, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.17-34, 2003.

D. E. Knuth, The art of computer programming, Seminumerical Algorithms, vol.II, 1998.

N. Koblitz, Elliptic curve cryptosystems, Math. Comp, vol.48, issue.177, pp.203-209, 1987.

P. C. Kocher, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, Proc. Advances in Cryptology -CRYPTO, pp.104-113, 1996.

P. C. Kocher, J. Jaffe, and B. Jun, Differential Power Analysis, Proc. Advances in Cryptology -CRYPTO, pp.388-397, 1999.

P. C. Kocher, J. Jaffe, B. Jun, and P. Rohatgi, Introduction to differential power analysis, J. Cryptographic Engineering, vol.1, issue.1, pp.5-27, 2011.

E. Langer and . Langer-emv-technik,

Y. Li, K. Ohta, and K. Sakiyama, New Fault-Based Side-Channel Attack Using Fault Sensitivity, IEEE Trans. on Information Forensics and Security, vol.7, issue.1, pp.88-97, 2012.

Y. Li, K. Sakiyama, and S. Gomisawa, Fault Sensitivity Analysis, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.320-334, 2010.
URL : https://hal.archives-ouvertes.fr/hal-02287186

P. Liardet and N. P. Smart, Preventing SPA/DPA in ECC Systems Using the Jacobi Form, Cryptographic Hardware and Embedded Systems -CHES, pp.391-401, 2001.

S. Mangard, E. Oswald, and T. Popp, Power Analysis Attacks : Revealing the Secrets of Smart Cards, 2007.

T. S. Messerges, Using Second-Order Power Analysis to Attack DPA Resistant Software, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.238-251, 2000.

V. S. Miller, Use of Elliptic Curves in Cryptography, Proc. Advances in Cryptology -CRYPTO, pp.417-426, 1985.

P. L. Montgomery, Speeding the Pollard and Elliptic Curves Methods of Factorisation, Mathematics of Computation, vol.48, pp.243-264, 1987.

P. L. Montgomery, Modular multiplication without trial division, Mathematics of Computation, vol.44, pp.519-521, 1985.

E. D. Mulder, S. Berna-Örs, B. Preneel, and I. Verbauwhede, Differential power and electromagnetic attacks on a FPGA implementation of elliptic curve cryptosystems, Computers & Electrical Engineering, vol.33, issue.5-6, pp.367-382, 2007.

N. Méloni, Arithmétique pour la Cryptographie basée sur les Courbes Elliptiques, 2007.

NIST, FIPS 186-4

K. Okeya and D. Han, Side Channel Attack on Ha-Moon's Countermeasure of Randomized Signed Scalar Multiplication, Proc. Progress in Cryptology -INDOCRYPT, pp.334-348, 2003.

K. Okeya and K. Sakurai, Power Analysis Breaks Elliptic Curve Cryptosystems even Secure against the Timing Attack, Proc. Progress in Cryptology -INDOCRYPT, pp.178-190, 2000.

C. Paar, A New Architecture for a Parallel Finite Field Multiplier with Low Complexity Based on Composite Fields, IEEE Trans. Computers, vol.45, issue.7, pp.856-861, 1996.

G. Piret and J. Quisquater, A Differential Fault Attack Technique against SPN Structures, with Application to the AES and KHAZAD, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.77-88, 2003.

T. Plantard, Arithmétique modulaire pour la cryptographie, 2005.

S. Pontie, P. Maistri, and R. Leveugle, An Elliptic Curve Crypto-Processor Secured by Randomized Windows, Proc. Euromicro Conference on Digital System Design -DSD, pp.535-542, 2014.
URL : https://hal.archives-ouvertes.fr/hal-01132469

C. Rechberger and E. Oswald, Practical Template Attacks, Proc. Information Security Applications -WISA, pp.440-456, 2004.

J. Renes, C. Costello, and L. Batina, Complete Addition Formulas for Prime Order Elliptic Curves, Proc. Advances in Cryptology -EUROCRYPT, pp.403-428, 2016.

B. Robisson and P. Manet, Differential Behavioral Analysis, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.413-426, 2007.
URL : https://hal.archives-ouvertes.fr/emse-00481468

T. Roche, V. Lomné, and K. Khalfallah, Combined Fault and Side-Channel Attack on Protected Implementations of AES, Proc. Smart Card Research and Advanced Applications -CARDIS, pp.65-83, 2011.
URL : https://hal.archives-ouvertes.fr/hal-01596307

H. Sakamoto, Y. Li, K. Ohta, and K. Sakiyama, Fault Sensitivity Analysis Against Elliptic Curve Cryptosystems, Proc. Workshop on Fault Diagnosis and Tolerance in Cryptography -FDTC, pp.11-20, 2011.

S. Skorobogatov and R. Anderson, Optical Fault Induction Attacks, Cryptographic Hardware and Embedded Systems -CHES, pp.2-12, 2002.

J. Solinas, Generalized Mersenne numbers, 1999.

D. Stebila and N. Thériault, Unified Point Addition Formulae and Side-Channel Attacks, Cryptographic Hardware and Embedded Systems -CHES, pp.354-368, 2006.

F. J. Taylor, Large moduli multipliers, Proc. IEEE International Conference on Acoustics, Speech, and Signal -ICASSP, pp.792-795, 1980.

A. Toom, The Complexity of a Scheme of Functional Elements Realizing the Multiplication of Integers, Soviet Mathematics-Doklady, vol.7, pp.714-716, 1963.

E. Trichina and A. Bellezza, Implementation of Elliptic Curve Cryptography with Built-In Counter Measures against Side Channel Attacks, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.98-113, 2002.

J. G. J. van Woudenberg, M. F. Witteman, and B. Bakker, Improving Differential Power Analysis by Elastic Alignment, Proc. Topics in Cryptology -CT-RSA -The Cryptographers' Track at the RSA, pp.104-119, 2011.

I. Verbauwhede, D. Karaklajic, and J. Schmidt, The Fault Attack Jungle -A Classification Model to Guide You, Proc. Workshop on Fault Diagnosis and Tolerance in Cryptography, pp.3-8, 2011.

C. D. Walter, Sliding Windows Succumbs to Big Mac Attack, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.286-299, 2001.

C. D. Walter, Breaking the Liardet-Smart Randomized Exponentiation Algorithm, Proc. Smart Card Research and Advanced Application Conference, CARDIS, pp.59-68, 2002.

C. D. Walter, Simple Power Analysis of Unified Code for ECC Double and Add, Proc. Cryptographic Hardware and Embedded Systems -CHES, pp.191-204, 2004.

S. Yen and M. Joye, Checking Before Output May Not Be Enough Against Fault-Based Cryptanalysis, IEEE Trans. Computers, vol.49, issue.9, pp.967-970, 2000.

S.-M. Yen, S. Kim, S. Lim, and S. Moon, A Countermeasure against One Physical Cryptanalysis May Benefit Another Attack, Proc. Information Security and Cryptology -ICISC, pp.414-427, 2001.

S. Yen, L. Ko, S. Moon, and J. Ha, Relative doubling attack against montgomery ladder, Proc. Information Security and Cryptology -ICISC, pp.117-128, 2005.

E. Zeckendorf, Représentation des nombres naturels par une somme de nombres de Fibonacci ou de nombres de Lucas, Bull. Soc. Roy. Sci. Liège, vol.41, pp.179-182, 1972.