Leakage-Resilient Cryptography

Stefan Dziembowski, University of Rome La Sapienza
Krzysztof Pietrzak, CWI Amsterdam

WPK 2009 Workshop on Cryptographic Protocols and Public-Key Cryptography
Bertinoro, 27.05.09

Plan
  • Motivation and introduction
  • Our model
  • Our construction
  • Extension of the construction
How to construct secure cryptographic devices?

[Figure: a cryptographic device drawn as two layers. The CRYPTO layer is "very secure": its security is based on well-defined mathematical problems. The implementation layer is "not secure!".]

The problem

[Figure: the same two layers. The CRYPTO layer is hard to attack; the implementation layer is easy to attack.]

Information leakage
  • Side channel information:
    • power consumption,
    • electromagnetic leaks,
    • timing information,
    • etc.

[Figure: a cryptographic device emitting side-channel information.]

The standard view

[Figure: the implementation layer of the device belongs to the practitioners, the CRYPTO layer to the theoreticians. The theoreticians' view: "Implementation is not our business!"]

A recent idea

Design cryptographic protocols that are secure even on the machines that leak information.

The model

[Figure: the adversary has (standard) black-box access to the cryptographic scheme, plus additional access to its internal data.]

Some prior work
  • S. Chari, C. S. Jutla, J. R. Rao, P. Rohatgi. Towards Sound Approaches to Counteract Power-Analysis Attacks. CRYPTO 1999
  • Y. Ishai, A. Sahai, and D. Wagner. Private Circuits: Securing Hardware against Probing Attacks. CRYPTO 2003
  • S. Micali and L. Reyzin. Physically Observable Cryptography (Extended Abstract). TCC 2004
  • R. Gennaro, A. Lysyanskaya, T. Malkin, S. Micali, and T. Rabin. Algorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering. TCC 2004
  • C. Petit, F.-X. Standaert, O. Pereira, T. G. Malkin, M. Yung. A Block Cipher Based PRNG Secure Against Side-Channel Key Recovery. ASIACCS 2008
  • a sequence of papers by F.-X. Standaert, T. G. Malkin, M. Yung, and others, available at the web page of F.-X. Standaert.
Our contribution

We construct a stream cipher that is secure against a very large and well-defined class of leakages.

Our construction is in the standard model (i.e. without random oracles).

Stream ciphers ≈ pseudorandom generators

[Figure: the stream cipher S expands a short key X into a long stream K.]

A computationally bounded adversary should not be able to distinguish K from random.

How do the stream ciphers work in practice?

[Figure: S takes the short key X and generates the stream K in rounds, one block per round: K1, K2, K3, K4, ... over time.]

An equivalent security definition

[Figure: round by round, the adversary knows the blocks output so far and the next block should look random: K1 should look random; given K1, K2 should look random; given K1 and K2, K3 should look random; and so on.]

Our assumption

We will assume that there is a leakage each time a key Ki is generated (i.e. leakage occurs in every round).

[Figure: S generates K1, K2, K3, K4, ... from X, with a leakage in every round.]

The details follow...

Examples of the "leakage functions" from the literature:
  • Y. Ishai, A. Sahai, and D. Wagner. Private Circuits: Securing Hardware against Probing Attacks.
    The adversary can learn the value of some wires of a circuit that computes the cryptographic scheme.
  • another example (a "Hamming attack"):
    The adversary can learn the sum of the secret bits.

We consider a very general class of leakages

In every i-th round the adversary chooses a poly-time computable "bounded-output function"

f : {0,1}^n → {0,1}^m, for m < n,

and learns f(X).

We say that the adversary "retrieved m bits" (in a given round).

How much leakage can we tolerate?

In our construction the total number of retrieved bits will be larger than the length of the secret key X (but in every round the number of retrieved bits will be much less than |X|; this per-round amount will be a parameter).

How can we achieve it? By key evolution!

Key evolution

In each round the secret key X gets refreshed:

[Figure: X0 → K1, then X1 → K2, then X2 → K3, then X3 → K4, ...; the state Xi-1 is refreshed into Xi in the round that outputs Ki.]

Assumptions:
  • key evolution has to be deterministic (no refreshing with external randomness)
  • also the refreshing procedure may cause leakage

How to define security?
  • Is "indistinguishability" possible?
  • Problem: if the adversary can "retrieve" just one bit of Ki then he can distinguish it from random...
  • Solution: indistinguishability will concern the "future" keys Ki

Security "without leakage"

[Figure: the state evolves X0 → X1 → X2 → ..., outputting K1, K2, K3, ...; the adversary knows K1, ..., Ki-1, and Ki should look random.]

Security "with leakage"

[Figure: the same evolution; in every round i the adversary chooses fi and learns fi(Xi-1), i.e. f1(X0), f2(X1), f3(X2), ...; the adversary knows K1, ..., Ki-1 and the leakages obtained so far, and Ki should look random.]

Key evolution – a problem

Recall that:
1. the key evolution is deterministic
2. the "leakage function fi" can be any poly-time function.

Therefore: the function fi can always compute the "future" keys.

What to do?

We use the principle introduced in:
S. Micali and L. Reyzin. Physically Observable Cryptography. TCC 2004

"only computation leaks information"

in other words:

"untouched memory cells do not leak information"

Divide the memory into three parts: L, C and R
  • L: accessed only in the even rounds
  • C: accessed always
  • R: accessed only in the odd rounds

[Figure: the memory contents are (L0, C0, R0) in round 0, (L1, C1, R1) in round 1, (L2, C2, R2) in round 2, (L3, C3, R3) in round 3, ...]

Our cipher – the outline

The key of the cipher = "the initial memory contents (L0, C0, R0)".

[Figure: S maps (L0, C0, R0) to (L1, C1, R1), then to (L2, C2, R2), then to (L3, C3, R3), ...]

The output

The output is the contents of the "central" part of the memory; we rename C → K:

[Figure: the states (L0, C0, R0), (L1, C1, R1), ... are now written (L0, K0, R0), (L1, K1, R1), (L2, K2, R2), (L3, K3, R3), ...]

All the keys Ki will be given "for free" to the adversary.

The details of the model

[Figure: starting from (L0, K0, R0), round 1 touches K0 and R0 and produces (L1, K1, R1); round 2 touches K1 and L1 and produces (L2, K2, R2); round 3 touches K2 and R2 and produces (L3, K3, R3); and so on. The adversary knows K0 and then, round by round, the leakage of the touched half, f1(R0), f2(L1), f3(R2), ..., together with K1, K2, K3, .... After round i the adversary knows K0, ..., Ki and f1(R0), ..., fi(·), and the next key Ki+1 should look random.]

How to construct such a cipher?

Idea: use randomness extractors.

A function

Ext : {0,1}^k × {0,1}^r → {0,1}^m

is an (ε,n)-randomness extractor if for
  • a uniformly random K, and
  • every X with min-entropy n
we have that (Ext(K,X), K) is ε-close to uniform.
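A worked instance of this definition, added here as an example (it is not from the talk, which does not fix a concrete extractor). The parameters are small enough to enumerate every seed and every source value, so the ε in the definition is computed exactly rather than estimated. Assumptions: Ext is instantiated as the universal hash family Ext(K, X) = low m bits of K·X in GF(2^8), the bound checked is the leftover hash lemma ε ≤ (1/2)·√(2^(m−n)), and the source X is a constructed 8-bit variable with only 4 bits of min-entropy. The seed-ignoring function `high_bits` is included to show why the definition quantifies over every source of min-entropy n.

```python
"""Worked example for the (eps,n)-extractor definition. Added here; not from the
paper, which does not fix a concrete extractor. The parameters are small enough
to enumerate, so the statistical distance is computed exactly. Assumptions:
Ext is the universal hash family Ext(K, X) = low m bits of (K * X in GF(2^8)),
and the bound checked is the leftover hash lemma eps <= (1/2) * sqrt(2^(m-n))."""
import math

SEED_BITS = 8   # k: the seed K is uniform over {0,1}^8
SRC_BITS = 8    # r: the weak source X lives in {0,1}^8
OUT_BITS = 2    # m: output length


def gf256_mul(a, b):
    """Multiplication in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (the AES field)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def ext(k, x):
    """Ext: {0,1}^8 x {0,1}^8 -> {0,1}^2. For x != x' and uniform k, k*(x xor x') is
    uniform in GF(2^8), so the low bits collide with probability exactly 2^-m:
    the family is universal and the leftover hash lemma applies."""
    return gf256_mul(k, x) & ((1 << OUT_BITS) - 1)


def high_bits(k, x):
    """A seed-ignoring function that outputs the top m bits of x. It fails the
    quantifier "every X with min-entropy n": a source may fix exactly those bits."""
    return x >> (SRC_BITS - OUT_BITS)


def min_entropy(source):
    """H_inf(X) = -log2 max_x Pr[X = x]; `source` maps values to probabilities."""
    return -math.log2(max(source.values()))


def distance_from_uniform(extractor, source):
    """Statistical distance between (Ext(K, X), K) and (U_m, K) for uniform K and
    X ~ source. Since K is uniform on both sides, this is the average over k of
    SD(Ext(k, X), U_m)."""
    u = 1.0 / (1 << OUT_BITS)
    total = 0.0
    for k in range(1 << SEED_BITS):
        out = [0.0] * (1 << OUT_BITS)
        for x, px in source.items():
            out[extractor(k, x)] += px
        total += 0.5 * sum(abs(p - u) for p in out)
    return total / (1 << SEED_BITS)


def lhl_bound(n):
    """Leftover hash lemma: a universal family is an (eps, n)-extractor with this eps."""
    return 0.5 * math.sqrt(2.0 ** (OUT_BITS - n))


# Constructed source: X uniform over the 16 bytes 0xA0..0xAF (high nibble fixed),
# so H_inf(X) = 4 even though X has 8 bits.
FLAT_SOURCE = {0xA0 | i: 1 / 16 for i in range(16)}

if __name__ == "__main__":
    n = min_entropy(FLAT_SOURCE)
    print("H_inf(X) =", n)
    print("universal hash: eps =", distance_from_uniform(ext, FLAT_SOURCE), "<=", lhl_bound(n))
    print("top bits only:  eps =", distance_from_uniform(high_bits, FLAT_SOURCE))
```

The seed-ignoring `high_bits` outputs the constant 2 on this source, so its distance from uniform is 0.75 no matter the seed, while the universal hash stays inside the leftover-hash-lemma bound of 0.25 for n = 4, m = 2 (the average is dominated by the few seeds, such as k = 0, whose restriction to the source is far from surjective).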
Alternating extraction [DP, FOCS07]

[Figure: memory (L, K0, R). K1 = Ext(K0, R); K2 = Ext(K1, L); K3 = Ext(K2, R); ... The extraction alternates between the two halves L and R.]

A fact from [DP07]

Even if a constant fraction of L and R leaks, the keys K1, K2, ... look "almost uniform".

Idea: "add key evolution to [DP07]"

What to do? Use a pseudorandom generator (prg) in the following way:

[DP07], no evolution:   Ki+1 = Ext(Ki, R)
with key evolution:     (Ki+1, Yi+1) = Ext(Ki, Ri), then Ri+1 = prg(Yi+1)

[Figure: in [DP07] the memory (Ki, R) becomes (Ki+1, R); with key evolution (Ki, Ri) becomes (Ki+1, Ri+1).]

Our scheme

[DP07] on the left, our scheme on the right:

(L0, K0, R0)                (L0, K0, R0)
K1 = Ext(K0, R)             (K1, Y1) = Ext(K0, R0)
(L0, K1, R0)                (L1, K1, R1), where L1 = L0 and R1 = prg(Y1)
K2 = Ext(K1, L)             (K2, Y2) = Ext(K1, L1)
(L0, K2, R0)                (L2, K2, R2), where L2 = prg(Y2) and R2 = R1
K3 = Ext(K2, R)             (K3, Y3) = Ext(K2, R2)
(L0, K3, R0)                (L3, K3, R3), where L3 = L2 and R3 = prg(Y3)
...                         ...
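A toy simulation of the scheme above, added here as an example (it is not the authors' code). It also illustrates the two model points from earlier slides: the "only computation leaks" restriction, implemented by handing the leakage function only the data a round touched, and the key-evolution problem, where a leakage function that sees the whole state runs the deterministic evolution itself and returns bits of a future key. Assumptions, also marked in the comments: keyed BLAKE2b stands in for Ext and SHAKE-256 for prg (chosen so the code runs on the Python standard library; the talk's proof does not cover these stand-ins), and the sizes K_BYTES, HALF_BYTES and LAMBDA are arbitrary.

```python
"""Toy simulation of the (L, K, R) cipher from the slides: the memory split,
the bounded-output leakage per round, and the key-evolution problem.

Added example; not code from the paper. Assumptions: Ext is stood in for by
keyed BLAKE2b and prg by SHAKE-256 (the paper's proof does not cover these),
and K_BYTES, HALF_BYTES and LAMBDA are arbitrary choices."""
import hashlib
import secrets

K_BYTES = 32      # size of the central part K_i (the output key)
HALF_BYTES = 64   # size of each side part L_i and R_i
LAMBDA = 24       # bits the adversary may retrieve per round (the parameter lambda)


def ext(k, x):
    """(K_i, Y_i) = Ext(K_{i-1}, active half). Stand-in: keyed BLAKE2b (assumption)."""
    d = hashlib.blake2b(x, key=k, digest_size=2 * K_BYTES).digest()
    return d[:K_BYTES], d[K_BYTES:]


def prg(y):
    """Refresh the half that was just consumed. Stand-in: SHAKE-256 (assumption)."""
    return hashlib.shake_256(y).digest(HALF_BYTES)


def keygen():
    """The key of the cipher is the initial memory contents (L_0, K_0, R_0)."""
    return (secrets.token_bytes(HALF_BYTES),
            secrets.token_bytes(K_BYTES),
            secrets.token_bytes(HALF_BYTES))


def step(state, i):
    """Round i >= 1. Odd rounds touch R, even rounds touch L; K is touched always.
    Returns the new state and the data that was touched, which is all a leakage
    function may see if untouched memory cells do not leak."""
    L, K, R = state
    if i % 2 == 1:
        K_new, Y = ext(K, R)                 # (K_i, Y_i) = Ext(K_{i-1}, R_{i-1})
        return (L, K_new, prg(Y)), (K, R)    # R_i = prg(Y_i); L untouched
    K_new, Y = ext(K, L)                     # (K_i, Y_i) = Ext(K_{i-1}, L_{i-1})
    return (prg(Y), K_new, R), (K, L)        # L_i = prg(Y_i); R untouched


def bound_output(leak):
    """The bounded-output restriction: a leakage function returns at most LAMBDA bits."""
    return leak[: LAMBDA // 8]


def run(state, rounds, leak_fn):
    """Run the cipher; return the adversary's view, per round (K_i, f_i(touched data))."""
    view = []
    for i in range(1, rounds + 1):
        state, touched = step(state, i)
        view.append((state[1], bound_output(leak_fn(*touched))))
    return view


def hamming_leak(k, half):
    """The "Hamming attack" of the slides: leak the number of set bits in the touched data."""
    return sum(bin(b).count("1") for b in k + half).to_bytes(2, "big")


def future_key_from_full_state(state, i):
    """The key-evolution problem. Given the *whole* state before round i, a leakage
    function can run the deterministic evolution itself and output bits of a key
    from a later round; here it returns LAMBDA bits of K_{i+1}."""
    for j in (i, i + 1):
        state, _ = step(state, j)
    return bound_output(state[1])


def idle_half_decides_next_key():
    """Under "only computation leaks" the round-1 leakage sees only (K_0, R_0). Two
    keys that agree on (K_0, R_0) but differ on the idle half L_0 give the same K_1
    and a different K_2: the data needed for the next key is exactly what the
    round-1 leakage function cannot reach."""
    L, K, R = keygen()
    s1, _ = step((L, K, R), 1)
    s2, _ = step((secrets.token_bytes(HALF_BYTES), K, R), 1)   # different L_0
    k1_equal = s1[1] == s2[1]
    k2_equal = step(s1, 2)[0][1] == step(s2, 2)[0][1]
    return k1_equal, k2_equal


if __name__ == "__main__":
    s0 = keygen()
    view = run(s0, 4, hamming_leak)
    print("leaked per round:", [leak.hex() for _, leak in view])
    print("full-state leakage predicts K_2:",
          future_key_from_full_state(s0, 1) == bound_output(view[1][0]))
    print("same touched data -> same K_1, different K_2:", idle_half_decides_next_key())
```

`future_key_from_full_state` is the attack the "Key evolution – a problem" slide describes: with the whole state, the leakage function needs no more than LAMBDA output bits to hand the adversary part of K2 before round 2 has run. `idle_half_decides_next_key` is the reason the memory split helps: the round-1 leakage can at most re-derive K1, which the adversary is given anyway, while K2 depends on the half that round 1 never touched.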

Our results (1/2)

If we assume the existence of pseudorandom generators, then the cipher constructed on the previous slides is secure against an adversary that in every round retrieves

λ = ω(log(length of the key))

bits. This covers many real-life attacks (e.g. the "Hamming attack").

Our results (2/2)

If we assume the existence of pseudorandom generators secure against exponential-size circuits, then the cipher constructed on the previous slides is secure against an adversary that in every round retrieves

λ = Θ(length of the key)

bits.

Main ingredients of the proof
  • Alternating extraction
  • The following lemma:

Let prg be a pseudorandom generator, f a bounded-output function, and S a seed for the prg distributed uniformly. Then, with high probability over x := f(S), the distribution

P_{prg(S) | f(S) = x}

is indistinguishable from a distribution having high min-entropy.

This was proven independently in: Omer Reingold, Luca Trevisan, Madhur Tulsiani, and Salil Vadhan. Dense subsets of pseudorandom sets. FOCS 2008

Plan
  • Motivation and introduction
  • Our model
  • Our construction
  • Extension of the construction
Look again at our model:

[Figure: the state evolves X0 → X1 → X2 → ..., outputting K1, K2, K3, ...; at each step the adversary already knows the previous keys and the question is whether the next key Ki looks random ("Ki ?").]

Problem – forward security

What if the adversary doesn't learn the Ki's? Does the leakage in the i-th round reveal something about the previous keys?

[Figure: the same evolution, with K2 marked "the adversary doesn't learn it".]

Forward security – the definition

[Figure: the same evolution. Suppose the adversary didn't learn K3. Then K3 should look random even if the entire state later leaks.]

Forward security - the solution

Idea: use different keys for "output" and for the "extraction".

OLD: use Ki for refreshing the state & output Ki
(Ki+1, Yi+1) = Ext(Ki, Ri), Ri+1 = prg(Yi+1)

NEW: output Ki^out; use Ki^next for refreshing the state
(Ki+1^next, Ki+1^out, Yi+1) = Ext(Ki^next, Ri), Ri+1 = prg(Yi+1)

The modified scheme

OLD on the left, NEW on the right:

(L0, K0, R0)                   (L0, K0^next, R0)
(K1, Y1) = Ext(K0, R0)         (K1^next, K1^out, Y1) = Ext(K0^next, R0)
(L1, K1, R1), R1 = prg(Y1)     (L1, K1^next, R1), R1 = prg(Y1); output K1^out
(K2, Y2) = Ext(K1, L1)         (K2^next, K2^out, Y2) = Ext(K1^next, L1)
(L2, K2, R2), L2 = prg(Y2)     (L2, K2^next, R2), L2 = prg(Y2); output K2^out
(K3, Y3) = Ext(K2, R2)         (K3^next, K3^out, Y3) = Ext(K2^next, R2)
(L3, K3, R3), R3 = prg(Y3)     (L3, K3^next, R3), R3 = prg(Y3); output K3^out
...                            ...

Subsequent work

using the "computation leaks information" paradigm:
  • Krzysztof Pietrzak. A Leakage-Resilient Mode of Operation. EUROCRYPT 2009
  • Public-key crypto in the generic groups. Kiltz and Pietrzak [Bertinoro 2009]

other:
  • Joel Alwen, Yevgeniy Dodis and Daniel Wichs. Leakage Resilient Public-Key Cryptography in the Bounded Retrieval Model. CRYPTO 2009
  • Yevgeniy Dodis, Yael Tauman Kalai and Shachar Lovett. On Cryptography with Auxiliary Input. STOC 2009
  • A. Akavia, S. Goldwasser and V. Vaikuntanathan. Simultaneous Hardcore Bits and Cryptography against Memory Attacks. TCC 2009
  • Moni Naor and Gil Segev. Public-Key Cryptosystems Resilient to Key Leakage