Results 1-10 of 21

Public-Key Cryptosystems Resilient to Key Leakage
Cited by 90 (6 self)
Most of the work in the analysis of cryptographic schemes is concentrated in abstract adversarial models that do not capture side-channel attacks. Such attacks exploit various forms of unintended information leakage, which is inherent to almost all physical implementations. Inspired by recent side-channel attacks, especially the “cold boot attacks” of Halderman et al. (USENIX Security ’08), Akavia, Goldwasser and Vaikuntanathan (TCC ’09) formalized a realistic framework for modeling the security of encryption schemes against a wide class of side-channel attacks in which adversarially chosen functions of the secret key are leaked. In the setting of public-key encryption, Akavia et al. showed that Regev’s lattice-based scheme (STOC ’05) is resilient to any leakage of

Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack
, 2013
Cited by 30 (2 self)
Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy program to recover over 98% of the bits of the private key in a single decryption or signing round. Unlike previous attacks, the attack targets the last-level L3 cache. Consequently, the spy program and the victim do not need to share the execution core of the CPU. The attack is not limited to a traditional OS and can be used in a virtualised environment, where it can attack programs executing in a different VM.

Robustness of the learning with errors assumption
In ICS, 2010.
, 2008
Cited by 13 (5 self)
Starting with the work of Ishai-Sahai-Wagner and Micali-Reyzin, a new goal has been set within the theory of cryptography community: to design cryptographic primitives that are secure against large classes of side-channel attacks. Recently, many works have focused on designing various cryptographic primitives that are robust (retain security) even when the secret key is “leaky”, under various intractability assumptions. In this work we propose to take a step back and ask a more basic question: which of our cryptographic assumptions (rather than cryptographic schemes) are robust in the presence of leakage of their underlying secrets? Our main result is that the hardness of the learning with errors (LWE) problem implies its hardness with leaky secrets. More generally, we show that the standard LWE assumption implies that LWE is secure even if the secret is taken from an arbitrary distribution with sufficient entropy, and even in the presence of hard-to-invert auxiliary inputs. We exhibit various applications of this result. 1. Under the standard LWE assumption, we construct a symmetric-key encryption scheme that is robust to secret key leakage, and more generally maintains security even if the secret key is taken from an arbitrary distribution with sufficient entropy (and even in the presence of hard-to-invert auxiliary inputs).

Cold Boot Key Recovery by Solving Polynomial Systems with Noise
Cited by 12 (0 self)
A method for extracting cryptographic key material from DRAM used in modern computers has been recently proposed in [9]; the technique was called Cold Boot attacks. When considering block ciphers, such as AES and DES, simple algorithms were also proposed in [9] to recover the cryptographic key from the observed set of round subkeys in memory (computed via the cipher’s key schedule operation), which were however subject to errors due to memory bit decay. In this work we extend this analysis to consider key recovery for other ciphers used in Full Disk Encryption (FDE) products. Our algorithms are also based on closest code word decoding methods, but apply a novel method for solving a set of non-linear algebraic equations with noise based on Integer Programming. This method should have further applications in cryptology, and is likely to be of independent interest. We demonstrate the viability of the Integer Programming method by applying it against the Serpent block cipher, which has a much more complex key schedule than AES. Furthermore, we also consider the Twofish key schedule, to which we apply a dedicated method of recovery.

Applications of SAT Solvers to AES Key Recovery from Decayed Key Schedule Images
In 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies (SECURWARE)
, 2010
Cited by 9 (0 self)
Cold boot attack is a side-channel attack which exploits the data remanence property of random access memory (RAM) to retrieve its contents, which remain readable shortly after its power has been removed. Given the nature of the cold boot attack, only a corrupted image of the memory contents will be available to the attacker. In this paper, we investigate the use of an off-the-shelf SAT solver, CryptoMiniSat, to improve the key recovery of the AES-128 key schedules from its corresponding decayed memory images. By exploiting the asymmetric decay of the memory images and the redundancy of key material inherent in the AES key schedule, rectifying the faults in the corrupted memory images of the AES-128 key schedule is formulated as a Boolean satisfiability problem which can be solved efficiently for relatively very large decay factors. Our experimental results show that this approach improves upon the previously known results.
Keywords: AES; cold boot attacks; decayed memory; SAT solvers

Provable Security for Physical Cryptography
, 2010
Cited by 6 (0 self)
The modern approach to cryptography is provable security, where one defines a meaningful formal security model and proves that schemes are secure in this model. An exception is the design of countermeasures against cryptographic side-channel attacks, which even today is mostly based on heuristic arguments that only try to prevent particular attacks. It was long believed that side-channels are a practical problem where theoretical cryptography was only of limited use, but recent results indicate that this view is too pessimistic, and in fact it is possible to extend the realm of provable security also to side-channel attacks. This survey is a personal and incomplete view on the current state of this exciting and fast-moving field.

A Coding-Theoretic Approach to Recovering Noisy RSA Keys
Cited by 5 (1 self)
Inspired by cold boot attacks, Heninger and Shacham (Crypto 2009) initiated the study of the problem of how to recover an RSA private key from a noisy version of that key. They gave an algorithm for the case where some bits of the private key are known with certainty. Their ideas were extended by Henecka, May and Meurer (Crypto 2010) to produce an algorithm that works when all the key bits are subject to error. In this paper, we bring a coding-theoretic viewpoint to bear on the problem of noisy RSA key recovery. This viewpoint allows us to cast the previous work as part of a more general framework. In turn, this enables us to explain why the previous algorithms do not solve the motivating cold boot problem, and to design a new algorithm that does (and more). In addition, we are able to use concepts and tools from coding theory – channel capacity, list decoding algorithms, and random coding techniques – to derive bounds on the performance of the previous algorithms and our new algorithm.

Correcting Errors in RSA Private Keys
Cited by 5 (0 self)
Let pk = (N, e) be an RSA public key with corresponding secret key sk = (p, q, d, d_p, d_q, q_p^{-1}). Assume that we obtain partial error-free information of sk, e.g., assume that we obtain half of the most significant bits of p. Then there are well-known algorithms to recover the full secret key. As opposed to these algorithms that allow for correcting erasures of the key sk, we present for the first time a heuristic probabilistic algorithm that is capable of correcting errors in sk provided that e is small. That is, on input of a full but error-prone secret key sk̃ we reconstruct the original sk by correcting the faults. More precisely, consider an error rate of δ ∈ [0, 1/2), where we flip each bit in sk with probability δ, resulting in an erroneous key sk̃. Our Las Vegas type algorithm allows us to recover sk from sk̃ in expected time polynomial in log N with success probability close to 1, provided that δ < 0.237. We also obtain a polynomial time Las Vegas factorization algorithm for recovering the factorization (p, q) from an erroneous version with error rate δ < 0.084.
Keywords: RSA, error correction, statistical cryptanalysis

Factoring RSA keys from certified smart cards: Coppersmith in the wild
Cited by 5 (1 self)
This paper explains how an attacker can efficiently factor 184 distinct RSA keys out of more than two million 1024-bit RSA keys downloaded from Taiwan’s national “Citizen Digital Certificate” database. These keys were generated by government-issued smart cards that have built-in hardware random-number generators and that are advertised as having passed FIPS 140-2 Level 2 certification. These 184 keys include 103 keys that share primes and that are efficiently factored by a batch-GCD computation. This is the same type of computation that was used last year by two independent teams (USENIX Security 2012: Heninger, Durumeric, Wustrow, Halderman; Crypto 2012: Lenstra, Hughes, Augier, Bos, Kleinjung, Wachter) to factor tens of thousands of cryptographic keys on the Internet. The remaining 81 keys do not share primes. Factoring these 81 keys requires taking deeper advantage of randomness-generation failures: first using the shared primes as a springboard to characterize the failures, and then using Coppersmith-type partial-key-recovery attacks. This is the first successful public application of Coppersmith-type attacks to keys found in the wild.

Factoring RSA Modulus Using Prime Reconstruction from Random Known Bits
In Progress in Cryptology - Africacrypt 2010, volume 6055 of LNCS
, 2010
Cited by 3 (1 self)
This paper discusses the factorization of the RSA modulus N (i.e., N = pq, where p, q are primes of the same bit size) by reconstructing the primes from randomly known bits. The reconstruction method is a modified brute-force search exploiting the known bits to prune wrong branches of the search tree, thereby reducing the total search space towards possible factorization. Here we revisit the work of Heninger and Shacham in Crypto 2009 and provide a combinatorial model for the search where some random bits of the primes are known. This shows how one can factorize N given the knowledge of random bits in the least significant halves of the primes. We also explain a lattice-based strategy in this direction. More importantly, we study how N can be factored given the knowledge of some blocks of bits in the most significant halves of the primes. We present improved theoretical results and experimental evidence in this direction.