
Leakage-Resilient Cryptography

Leakage-Resilient Cryptography: New Developments and Challenges. Vinod Vaikuntanathan, Microsoft Research. Secrets: information accessible to one party and not to other(s), essential to cryptography! In theory secrets stay secret; in real life, secrets leak! So, what can we do about it?


Presentation Transcript


  1. Leakage-Resilient Cryptography: New Developments and Challenges. Vinod Vaikuntanathan, Microsoft Research

  2. Secrets. Information accessible to one party and not to other(s). Essential to cryptography! In theory, secrets stay secret; in real life, secrets leak!

  3. Secrets Leak. So, what can we do about it?
  • A (bad) solution: Not our problem. Blame the electrical engineers and hardware folks.
  • Leakage-resilient Crypto: Let’s try to help.
    • Primitives that provably allow some leakage of secrets.
    • New crypto insights / questions

  4. Two Commandments. Leakage is arbitrary, but:
  • Polynomial-time computable. (Leakage = what an antenna can compute)
  • Does not reveal the entire secret key. (Ensure this by hardware / software design)

  5. Interpreting the Commandments (or, Two Leakage Models)
  • A Simple Interpretation: Bounded Leakage [AGV09]
    • Adversary can learn any efficiently computable function g: {0,1}* → {0,1}^L of the secret key(*).
    • Total leakage L < |SK| [AGV09, NS09, KV09, ADW09, ADN+10, …]
  • (*) Ideally, leakage from the entire secret state. Can achieve sometimes.

  6. Interpreting the Commandments (or, Two Leakage Models)
  • A Simple Interpretation: Bounded Leakage [AGV09]
    • Adversary can learn any efficiently computable function g: {0,1}* → {0,1}^L of the secret key.
    • Total leakage L < |SK| [AGV09, NS09, KV09, ADW09, ADN+10, …]
  Variations:
  • Noisy Model [NS’09]: H∞(SK | g(SK)) >> 0
  • Auxiliary Input Model [DKL’09, DGKPV’10]: g is an uninvertible function of SK

  7. Interpreting the Commandments (or, Two Leakage Models)
  • A Realistic Interpretation: Continual Leakage [ISW03, MR04, DP08, Pie09, FKPR10, FRRTV10, BKKV10, DHLW10, …]
    • Adversary can learn any efficiently computable function g_i: {0,1}* → {0,1}^L of the secret key at each “time-period”
    • Rate of Leakage (leakage / time period) < |SK|

  8. Interpreting the Commandments (or, Two Leakage Models)
  • A Realistic Interpretation: Continual Leakage [ISW03, MR04, DP08, Pie09, FKPR10, FRRTV10, BKKV10, DHLW10, …]
    • Adversary can learn any efficiently computable function g_i: {0,1}* → {0,1}^L of the secret key at each “time-period”
    • Rate of Leakage (leakage / time period) < |SK|
  Observations:
  • Of course, the secret key should be refreshed in each time period.
  • Non-trivial: Refresh SK without changing PK (in public-key systems), or without co-ordination (in SK systems)

  9. Talk Plan
  PART 1: Bounded Leakage Model
  • One-way Functions
  • Digital Signatures
  • Public-key Encryption
  PART 2: Continual Leakage Model
  PART 3: “Barriers” and Open Problems
  • Leakage-resilient Compilers, LR by Parallel Repetition, Tamper Resistance, …

  10. Bounded Leakage

  11. LR One-way Functions
  L-leakage-resilient OWF: Given y = f(x) and at most L bits of leakage g(x), hard to compute any x′ s.t. f(x′) = y.
  Observations:
  • Every 2^L-hard OWF is L-leakage-resilient. (hardness → leakage-resilience)
  • Not every OWF is L-leakage-resilient for large L. (easy counterexamples)

  12. LR One-way Functions
  L-leakage-resilient OWF: Given y = f(x) and at most L bits of leakage g(x), hard to compute any x′ s.t. f(x′) = y.
  Theorem [KV09, ADW09]: Any Universal One-way Hash Function (UOWHF) f: {0,1}^n → {0,1}^{n-L-1} is an L-leakage-resilient OWF.
  • Cor [NY89, Rom90]: OWF = Leakage-resilient OWF (UOWHFs exist from any OWF).

  13. LR One-way Functions
  Theorem [KV09, ADW09]: Any Universal One-way Hash Function (UOWHF) f: {0,1}^n → {0,1}^{n-L-1} is an L-leakage-resilient OWF.
  Proof: Adv given y = f(x) and g(x) cannot invert y.
  • Given y = f(x), ≥ 2^{L+1} possible pre-images
  • Given y = f(x) and leakage g(x), ≥ 2 pre-images
  • Inverter returns x′ ≠ x w.p. ≥ 1/2 → breaks UOWHF
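  The counting step of this proof carried through in full, as an added derivation that is not from the slides (the view $V$, the consistent set $S_v$ and the success probability $\varepsilon$ are notation introduced here). Let $X \leftarrow \{0,1\}^n$ be uniform, $V = (f(X), g(X))$ the inverter's view, and $S_v = \{x : (f(x), g(x)) = v\}$ the secret inputs consistent with a view $v$. Each view with $|S_v| = 1$ names a distinct $x$, and there are at most $2^{n-L-1} \cdot 2^{L}$ views, so

  $$\Pr[\,|S_V| = 1\,] \;=\; \frac{\#\{v : |S_v| = 1\}}{2^n} \;\le\; \frac{2^{\,n-L-1} \cdot 2^{L}}{2^n} \;=\; \frac{1}{2}.$$

  Conditioned on $V = v$, $X$ is uniform on $S_v$ and independent of the inverter's coins, so when the inverter succeeds with some $x' \in f^{-1}(y)$,

  $$\Pr[\,x' = X \mid V = v,\ \text{success}\,] \;\le\; \frac{1}{|S_v|} \;\le\; \frac{1}{2} \qquad \text{whenever } |S_v| \ge 2,$$

  and $x' \ne X$ for sure if $x' \notin S_v$. Summing over views, an inverter that succeeds with probability $\varepsilon$ hands the reduction a second pre-image $x' \ne x$ with probability at least

  $$\tfrac{1}{2}\,\bigl(\varepsilon - \Pr[\,|S_V| = 1\,]\bigr) \;\ge\; \tfrac{1}{2}\,\bigl(\varepsilon - \tfrac{1}{2}\bigr),$$

  which breaks the UOWHF. Compressing by $k$ extra bits, $f: \{0,1\}^n \to \{0,1\}^{n-L-k}$, replaces the $\tfrac{1}{2}$ loss by $2^{-k}$ in the same calculation.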

  14. Recurring Theme
  Theorem [KV09, ADW09]: Any Universal One-way Hash Function (UOWHF) f: {0,1}^n → {0,1}^{n-L-1} is an L-leakage-resilient OWF.
  • Problem with many solutions
  • Hard: given one solution, find another
  • Security reduction has one solution, computes leakage using that
  • Adversary doesn’t have enough info to pin-point the solution
  • Adversary returns a different solution, unwittingly solves the hard problem
  (Information-theoretic + Computational arguments)

  15. An Open Question
  Theorem [KV09, ADW09]: Any Universal One-way Hash Function (UOWHF) f: {0,1}^n → {0,1}^{n-L-1} is an L-leakage-resilient OWF.
  OPEN:
  • Is there a leakage-resilient injective OWF?
  • Show injective OWF = injective LR-OWF (or, separation?)

  16. LR Signatures
  [figure: adversary gets PK, signatures Sign_SK(m) on chosen messages m, and leakage g(SK); it cannot produce a signature for a new m*]

  17. LR Signatures
  Theorem [KV09]: L-leakage-resilient OWF (+ simulation-extractable NIZK [S99, DDOPS01]) → L-leakage-resilient signatures
  PK: (f, y = f(x), CRS_nizk), where f is an L-LR OWF. SK: x
  Sign(m): SimExt-NIZK_m for “∃x s.t. PK contains f(x)”
  Proof Idea:
  • Signature contains no (computational) info. on SK (Sim-Ext)
  • Forgery ⇒ extract a secret key.
  • Break LR OWF.

  18. LR Signatures: Subsequent Results
  • [ADW09]: Fiat-Shamir transform + LR OWFs → LR-Sigs in the random oracle model.
  • [DHLW10]: Efficient LR Sigs without random oracles (using bilinear maps).
  • [BSW10]: LR Sigs where the randomness used for signing can leak as well.

  19. LR Public-key Encryption (CPA)
  [figure: adversary gets PK, leakage g(SK) and the challenge ciphertext Enc(b) for b ←$ {0,1}; it cannot predict b]
  OPEN:
  • Modify the definition to be CCA-style
  • Allow leakage queries after receiving the challenge ctxt

  20. LR Public-key Encryption
  • [AGV09] based on Lattices ([Regev05, GPV08] is leakage-resilient)
  • [NS09, DGKPV10] based on Diffie-Hellman ([BHHO08] is leakage-resilient)
  • [NS09] from any hash proof system [CS02]

  21. Construction Outline
  Adv. breaks CPA-security. For starters: Adv. finds sk.
  Old Idea: One Public Key, many possible Secret Keys
  Hard Problem: Given one SK, find another.
  [figure: public key space vs. the secret key space corresponding to one PK]
  Proof:
  • Reduction knows one SK, simulates leakage from it
  • Adv. gets pk + leakage → not enough info to fully specify SK
  • Adv. finds SK′ ≠ SK → breaks hard problem.

  22. Construction Outline
  Adv. breaks CPA-security. For starters: Adv. finds sk.
  Old Idea: One Public Key, many possible Secret Keys
  • Correctness ⇒ All secret keys decrypt C to the same message

  23. Construction Outline
  Adv. breaks CPA-security.
  Old Idea: One Public Key, many possible Secret Keys
  New Idea: REAL Encryption vs. FAKE Encryption
  • Different secret keys decrypt C* to different messages
  • Dec(SK, C*) is a good randomness extractor! (SK is the min-entropy source, C* the “seed”)
  • and yet, Fake ≈ Real (even given an SK)
  • In particular, given SK, hard to find SK′ ≠ SK

  24. Security Proof
  [figure: “Real World”: RealEnc, every secret key decrypts C to M. “Fake World”: FakeEnc, the secret keys decrypt C to different M1, M2, M3. Adversary sees PK and leakage L(SK): which world?]

  25. A Concrete Construction (based on decisional Diffie-Hellman [CS98, BHHO09])
  Params: prime p, group G of order p, generators (g, h)
  KeyGen: sk = (a, b), pk = g^a h^b
  Enc(pk, m): c = [g^x, h^x, pk^x · m]
  Dec(sk, c): Compute (g^x)^a (h^x)^b = (g^a h^b)^x = pk^x
  FakeEnc(pk): c* = [g^x, h^y, (g^x)^a (h^y)^b · m]
  Fake ≈ Real: Follows from DDH. (g^x, h^x) ≈ (g^x, h^y)
  Fake Encryption is random: given g, h & g^a h^b, g^{ax} h^{by} is random
  • [ILL] (leftover hash lemma) in the exponent
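  The DDH construction of slide 25 together with the "many secret keys" idea of slides 22 and 23, run on toy parameters as an added example (not code from the talk). The group (p = 2039, q = 1019, g = 4), the message and the discrete log D of h are constructed values; D is known here only so the demo can enumerate alternative secret keys, which is exactly the hard problem the reduction relies on. The demo checks that every secret key for pk decrypts a real ciphertext to the same message, while the same keys decrypt a fake ciphertext to pairwise different messages.

```python
import secrets

# Constructed toy parameters (far too small for real use; only the algebra matters):
# safe prime p = 2q + 1, G = the order-q subgroup of quadratic residues mod p.
P, Q = 2039, 1019
G = 4                 # 2^2 mod p, a generator of the order-q subgroup
D = 777               # discrete log of h base g: known here only so the demo can
H = pow(G, D, P)      # enumerate alternative secret keys (otherwise the hard problem)

def keygen():
    """sk = (a, b), pk = g^a h^b. Every (a + t*D, b - t) mod q is an equally valid sk."""
    a, b = secrets.randbelow(Q), secrets.randbelow(Q)
    return (a, b), pow(G, a, P) * pow(H, b, P) % P

def real_enc(pk, m):
    """Real encryption: c = (g^x, h^x, pk^x * m), a single exponent x."""
    x = secrets.randbelow(Q)
    return pow(G, x, P), pow(H, x, P), pow(pk, x, P) * m % P

def fake_enc(sk, m):
    """Fake encryption: (g^x, h^y) with y != x; under DDH it looks like a real ciphertext."""
    a, b = sk
    x = secrets.randbelow(Q)
    y = (x + 1 + secrets.randbelow(Q - 1)) % Q       # uniform over Z_q minus {x}
    c1, c2 = pow(G, x, P), pow(H, y, P)
    return c1, c2, pow(c1, a, P) * pow(c2, b, P) * m % P

def dec(sk, c):
    """Compute c1^a * c2^b (equals pk^x for a real ciphertext) and divide it out."""
    a, b = sk
    c1, c2, c3 = c
    shared = pow(c1, a, P) * pow(c2, b, P) % P
    return c3 * pow(shared, -1, P) % P

def equivalent_keys(sk, count):
    """`count` other secret keys for the same pk (needs D, i.e. solves the hard problem)."""
    a, b = sk
    return [((a + t * D) % Q, (b - t) % Q) for t in range(1, count + 1)]

def messages_under_all_keys(sk, c, count=5):
    """Set of plaintexts obtained by decrypting c under sk and `count` equivalent keys."""
    return {dec(k, c) for k in [sk] + equivalent_keys(sk, count)}

def demo():
    """Returns (#distinct plaintexts for a real ciphertext, #distinct for a fake one)."""
    sk, pk = keygen()
    m = pow(G, 123, P)                               # constructed message, a group element
    assert all(pow(G, a, P) * pow(H, b, P) % P == pk for a, b in equivalent_keys(sk, 5))
    real = messages_under_all_keys(sk, real_enc(pk, m))   # correctness: one message
    fake = messages_under_all_keys(sk, fake_enc(sk, m))   # extractor: six different ones
    return len(real), len(fake)
```

  Under an equivalent key (a + tD, b − t) the fake ciphertext decrypts to m · g^{tD(y−x)}, which is why the six plaintexts differ: the ciphertext acts as a seed and the unknown key as the entropy source.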

  26. LR Cryptomania: Other Results
  • [NS09]: CPA-secure → CCA-secure with the same leakage-resilience (idea: use Naor-Yung)
  • [AGV09, ADN+10, CDRW10]: leakage-resilient IBE (with leakage from the user secret keys).
  • [LW10]: leakage-resilient IBE (with leakage from the master secret key as well), LR HIBE, ABE etc.

  27. Continual Leakage

  28. Continual LR Public-key Encryption
  • Unbounded leakage, but bounded in each time period
  • Solution idea: “refresh” (randomize) the secret key
  • Challenge: keep the public key the same

  29. Continual LR Public-key Encryption
  Theorem [BKKV10]: CLR-secure public-key encryption schemes that tolerate (in every time step):
  • 1/2 − ε leakage rate based on the decisional linear assumption
  • 1 − ε leakage rate based on symmetric external DH in bilinear groups.

  30. Continual LR Public-key Encryption
  Other Results:
  • [BKKV10]: CLR-secure signatures and IBE (with leakage from user secret keys)
  • Concurrently, [DHLW10]: efficient CLR-secure signatures, ID schemes and AKA schemes
    • same assumptions, different techniques (re-randomizable NIZK)

  31. Continual LR Public-key Encryption
  • Continual Leakage: How to update SK?
  • First Idea: Resample from the key space
  • PROBLEM: This is supposed to be hard!
  [figure: one pk with its corresponding sk space; successive keys SK1, SK2, SK3 with leakage L1(SK1), L2(SK2), L3(SK3)]

  32. New Idea: Neighborhood of SKs
  • Given a secret key:
    • Easy to resample inside neighborhood.
    • Hard problem: find a secret key outside of neighborhood.
    • Sampling in neighborhood ≈c entire space. ⇒ Adv. can’t tell the difference.
  • Proof outline:
    • Reduction knows sk and updates in neighborhood.
    • To Adv., updates “look like” from entire space.
    • Even given leakage, Adv. cannot recover any leaked key entirely ⇒ will have to come up with new sk′ ≠ sk.
    • WHP sk′ not in neighborhood ⇒ breaks hard problem.
  • BAD NEWS: comp. indist. not enough!
    • Adv. can sample in neighborhood without knowing.
    • Need statistical argument.
  • GOOD NEWS: Adv sees only part of each SK
  [figure: pk with its corresponding sk space]

  33. An Algebraic Lemma used in the proof: “Random subspaces are leakage-resilient”

  34. Random Subspaces are Continual Leakage Resilient (Pictorially)
  [figure: Neighborhood of SK]

  35. Random Subspaces are Continual Leakage Resilient Proof: two words – pairwise independence (using [BFO,DS]).

  36. Barriers and Open Questions

  37. General Leakage-Resilience
  SO FAR: Design SPECIFIC crypto primitives (sigs., enc.) secure against continual leakage.
  QUESTION: Any circuit → Continual Leakage-resilient circuit?
  • Yao/GMW/BGW/CCD for leakage-resilient crypto
  • Automatically leakage-proof commonly used cryptosystems, e.g., RSA / AES

  38. Ishai-Sahai-Wagner: Private Circuits
  Any circuit → “Probing-resilient” circuit against leakage of at most t wires
  [figure: a “Compiler” maps (Key, circuit X → Y) to (Key′, circuit X → Y); the adversary’s t-wire probing access must be indistinguishable from a simulator’s input/output access]
  How about more general leakage functions? (e.g., polynomial-time leakage)

  39. A Barrier [BGI+00 + Impagliazzo]
  Impossible to design a compiler against poly-time leakage
  • Follows from impossibility of general obfuscation [BGI+00]
  • If there is a (not nec. continual) LR compiler for a functionality, then there is a [BGI+00] obfuscator for it

  40. How to Overcome the Barrier? Three Avenues
  Avenue 1: Work with smaller leakage classes (e.g., AC0)
  Avenue 2: Assume that “only computation leaks” [MR04]
    • Computation is divided into time-periods
    • Parts of memory not involved in a time period do not leak in that time
  Avenue 3: Small, stateless Leak-Proof Hardware
  1+3 [FRRTV’10]: compiler against AC0 leakage
  • uses a deterministic leak-proof hardware that computes parity of n bits
  2+3 [JV’10, GR’10]: compiler against poly-time OC leakage
  • uses a leak-proof hardware that samples random encryptions.
  Is a Leak-Proof Hardware necessary? Minimal assumptions to overcome the barrier?
  • Low-complexity leakage, Poly-time Adv (postprocessor)

  41. To Conclude…
  Very Active Field, Lots of work recently! Information-theoretic + Computational Techniques
  • More Open Problems
    • Parallel Repetition for Leakage Amplification [DW, LW]: Suppose scheme S tolerates L bits. Can we repeat it in parallel n times and get nL-bit leakage-tolerance?
    • Tamper Resistance [IPSW, GLMMR, DPW, Malkin et al.]: Many attacks, Boneh-Lipton, Shamir’s bug attacks...
  • More Results I didn’t talk about
    • Leakage of randomness (hedged PKE), auxiliary input attacks, bounded retrieval model, robustness of assumptions (LWE is resilient against leakage), …

  42. Thanks!
