4556                                                      软件学报  2025  年第  36  卷第  10  期


                 References:
                  [1]   Miller VS. Use of elliptic curves in cryptography. In: Williams HC, ed. Advances in Cryptology—CRYPTO 1985 Proc. Berlin: Springer,
                     1986. 417–426. [doi: 10.1007/3-540-39799-X_31]
                  [2]   Koblitz  N.  Elliptic  curve  cryptosystems.  Mathematics  of  Computation,  1987,  48(177):  203–209.  [doi:  10.1090/S0025-5718-1987-
                     0866109-5]
                  [3]   Hankerson D, Menezes A, Vanstone S. Guide to Elliptic Curve Cryptography. New York: Springer, 2004. [doi: 10.1007/b97644]
                  [4]   Okeya K, Takagi T. The width-w NAF method provides small memory and fast elliptic scalar multiplications secure against side channel
                     attacks. In: Joye M, ed. Topics in Cryptology—CT-RSA 2003. San Francisco: Springer, 2003. 328–343. [doi: 10.1007/3-540-36563-
                     x_23]
                  [5]   Anagreh M, Vainikko E, Laud P. Accelerate performance for elliptic curve scalar multiplication based on NAF by parallel computing. In:
                     Proc.  of  the  5th  Int’l  Conf.  on  Information  Systems  Security  and  Privacy.  Prague:  SciTePress,  2019.  238–245.  [doi:  10.5220/
                     0007312702380245]
                  [6]   Hu XH, Zheng X, Zhang SS, Li WJ, Cai ST, Xiong XM. A high-performance elliptic curve cryptographic processor of SM2 over GF(P).
                     Electronics, 2019, 8(4): 431. [doi: 10.3390/electronics8040431]
                  [7]   Kocher P, Jaffe J, Jun B. Differential power analysis. In: Proc. of the 19th Annual Int’l Cryptology Conf. on Advances in Cryptology.
                     Santa Barbara: Springer, 1999. 388–397. [doi: 10.1007/3-540-48405-1_25]
                  [8]   Cao JZ, Cheng QF, Weng J. EHNP strikes back: Analyzing SM2 implementations. In: Proc. of the 13th Int’l Conf. on Cryptology in
                     Africa. Fes: Springer, 2022. 576–600. [doi: 10.1007/978-3-031-17433-9_25]
                  [9]   Ma ZQ, Li SG, Lin JQ, Cai QW, Fan SQ, Zhang F, Luo B. Another lattice attack against ECDSA with the wNAF to recover more bits per
                     signature. In: Proc. of the 18th EAI Int’l Conf. on Security and Privacy in Communication Networks. Springer, 2022. 111–129. [doi: 10.
                     1007/978-3-031-25538-0_7]
                 [10]   Zhang T, Fan MY, Wang GW, Lu XJ. Protection against power analysis attack for ECC on smartcard. Computer Engineering, 2007,
                     33(14): 125–127. (in Chinese with English abstract). [doi: 10.3969/j.issn.1000-3428.2007.14.044]
                 [11]   Yao  JB,  Yan  CQ,  Zhang  T.  Elliptic  curve  cryptography  algorithm  against  energy  attack.  In:  Proc.  of  the  2021  IEEE  Conf.  on
                     Telecommunications, Optics and Computer Science (TOCS). Shenyang: IEEE, 2021. 224–227. [doi: 10.1109/tocs53301.2021.9688886]
                 [12]   Shi L, Xu M. DWNAF: A dynamic window NAF scalar multiplication with threshold. Computer Science, 2017, 44(10): 159–164. (in
                     Chinese with English abstract). [doi: 10.11896/j.issn.1002-137X.2017.10.030]
                 [13]   Lee  MK.  SPA-resistant  simultaneous  scalar  multiplication.  In:  Proc.  of  the  2005  Int’l  Conf.  on  Computational  Science  and  Its
                     Applications. Singapore: Springer, 2005. 314–321. [doi: 10.1007/11424826_33]
                 [14]   Ciet M, Joye M. (Virtually) free randomization techniques for elliptic curve cryptography. In: Proc. of the 5th Int’l Conf. on Information
                     and Communications Security. Huhehaote: Springer, 2003. 348–359. [doi: 10.1007/978-3-540-39927-8_32]
                 [15]   Liu D, Tan ZY, Dai YQ. New elliptic curve multi-scalar multiplication algorithm for a pair of integers to resist SPA. In: Proc. of the 4th
                     Int’l Conf. on Information Security and Cryptology. Beijing: Springer, 2008. 253–264. [doi: 10.1007/978-3-642-01440-6_20]
                 [16]   Chen HY, Ma CG. A multiple scalar multiplications algorithm in the elliptic curve cryptosystem. Ruan Jian Xue Bao/Journal of Software,
                     2011,  22(4):  782–788.  (in  Chinese  with  English  abstract).  http://www.jos.org.cn/1000-9825/3730.htm  [doi:  10.3724/SP.J.1001.2011.
                     03730]
                 [17]   Akishita  T,  Katagi  M,  Kitamura  I.  SPA-resistant  scalar  multiplication  on  hyperelliptic  curve  cryptosystems  combining  divisor
                     decomposition technique and joint regular form. In: Proc. of the 8th Int’l Workshop on Cryptographic Hardware and Embedded Systems.
                     Yokohama: Springer, 2006. 148–159. [doi: 10.1007/11894063_12]
                 [18]   Goubin  L.  A  refined  power-analysis  attack  on  elliptic  curve  cryptosystems.  In:  Proc.  of  the  6th  Int’l  Workshop  on  Public  Key
                     Cryptography. Miami: Springer, 2003. 199–211. [doi: 10.1007/3-540-36288-6_15]
                 [19]   Akishita T, Takagi T. Zero-value point attacks on elliptic curve cryptosystem. In: Proc. of the 6th Int’l Conf. on Information Security.
                     Bristol: Springer, 2003. 218–233. [doi: 10.1007/10958513_17]
                 [20]   Yarom Y, Falkner K. Flush+Reload: A high resolution, low noise, L3 cache side-channel attack. In: Proc. of the 23rd USENIX Security
                     Symp. San Diego: USENIX Association, 2014. 719–732.
                 [21]   Fan JF, Verbauwhede I. An updated survey on secure ECC implementations: Attacks, countermeasures and cost. In: Naccache D, ed.
                     Cryptography and Security: From Theory to Applications: Essays Dedicated to Jean-Jacques Quisquater on the Occasion of His 65th
                     Birthday. Berlin: Springer, 2012. 265–282. [doi: 10.1007/978-3-642-28368-0_18]