We complete the study of  and  about Miller’s algorithm. Miller’s algorithm is a central step to compute the Weil, Tate and Ate pairings. The aim of this article is to analyze the weakness of Miller’s algorithm when it undergoes a fault attack. We prove that Miller’s algorithm is vulnerable to a fault attack which is valid in all coordinate systems, through the resolution of a nonlinear system. We highlight the fact that putting the secret as the first argument of the pairing is not a countermeasure. This article is an extensed version of the article .
Download Full PDF Version (Non-Commercial Use)