Results 1  10
of
74
PublicKey Cryptosystems Resilient to Key Leakage
"... Most of the work in the analysis of cryptographic schemes is concentrated in abstract adversarial models that do not capture sidechannel attacks. Such attacks exploit various forms of unintended information leakage, which is inherent to almost all physical implementations. Inspired by recent sidec ..."
Abstract

Cited by 89 (6 self)
 Add to MetaCart
(Show Context)
Most of the work in the analysis of cryptographic schemes is concentrated in abstract adversarial models that do not capture sidechannel attacks. Such attacks exploit various forms of unintended information leakage, which is inherent to almost all physical implementations. Inspired by recent sidechannel attacks, especially the “cold boot attacks ” of Halderman et al. (USENIX Security ’08), Akavia, Goldwasser and Vaikuntanathan (TCC ’09) formalized a realistic framework for modeling the security of encryption schemes against a wide class of sidechannel attacks in which adversarially chosen functions of the secret key are leaked. In the setting of publickey encryption, Akavia et al. showed that Regev’s latticebased scheme (STOC ’05) is resilient to any leakage of
Appendonly signatures
 in International Colloquium on Automata, Languages and Programming
, 2005
"... Abstract. The strongest standard security notion for digital signature schemes is unforgeability under chosen message attacks. In practice, however, this notion can be insufficient due to “sidechannel attacks ” which exploit leakage of information about the secret internal state. In this work we pu ..."
Abstract

Cited by 53 (10 self)
 Add to MetaCart
(Show Context)
Abstract. The strongest standard security notion for digital signature schemes is unforgeability under chosen message attacks. In practice, however, this notion can be insufficient due to “sidechannel attacks ” which exploit leakage of information about the secret internal state. In this work we put forward the notion of “leakageresilient signatures, ” which strengthens the standard security notion by giving the adversary the additional power to learn a bounded amount of arbitrary information about the secret state that was accessed during every signature generation. This notion naturally implies security against all sidechannel attacks as long as the amount of information leaked on each invocation is bounded and “only computation leaks information.” The main result of this paper is a construction which gives a (treebased, stateful) leakageresilient signature scheme based on any 3time signature scheme. The amount of information that our scheme can safely leak per signature generation is 1/3 of the information the underlying 3time signature scheme can leak in total. Signature schemes that remain secure even if a bounded total amount of information is leaked were recently constructed, hence instantiating our construction with these schemes gives the first constructions of provably secure leakageresilient signature schemes. The above construction assumes that the signing algorithm can sample truly random bits, and thus an implementation would need some special hardware (randomness gates). Simply generating this randomness using a leakageresilient streamcipher will in general not work. Our second contribution is a sound general principle to replace uniform random bits in any leakageresilient construction with pseudorandom ones: run two leakageresilient streamciphers (with independent keys) in parallel and then apply a twosource extractor to their outputs. 1
D.: Nonmalleable codes
 In: ICS (2010
"... We introduce the notion of “nonmalleable codes ” which relaxes the notion of errorcorrection and errordetection. Informally, a code is nonmalleable if the message contained in a modified codeword is either the original message, or a completely unrelated value. In contrast to errorcorrection and ..."
Abstract

Cited by 45 (6 self)
 Add to MetaCart
We introduce the notion of “nonmalleable codes ” which relaxes the notion of errorcorrection and errordetection. Informally, a code is nonmalleable if the message contained in a modified codeword is either the original message, or a completely unrelated value. In contrast to errorcorrection and errordetection, nonmalleability can be achieved for very rich classes of modifications. We construct an efficient code that is nonmalleable with respect to modifications that effect each bit of the codeword arbitrarily (i.e. leave it untouched, flip it or set it to either 0 or 1), but independently of the value of the other bits of the codeword. Using the probabilistic method, we also show a very strong and general statement: there exists a nonmalleable code for every “small enough ” family F of functions via which codewords can be modified. Although this probabilistic method argument does not directly yield efficient constructions, it gives us efficient nonmalleable codes in the randomoracle model for very general classes of tampering functions — e.g. functions where every bit in the tampered codeword can depend arbitrarily on any 99 % of the bits in the original codeword. As an application of nonmalleable codes, we show that they provide an elegant algorithmic solution to the task of protecting functionalities implemented in hardware (e.g. signature cards) against “tampering attacks”. In such attacks, the secret state of a physical system is tampered, in the hopes that future interaction with the modified system will reveal some secret information. This problem, was previously studied in the work of Gennaro et al. in 2004 under the name “algorithmic tamper proof security ” (ATP). We show that nonmalleable codes can be used to achieve important improvements over the prior work. In particular, we show that any functionality can be made secure against a large class of tampering attacks, simply by encoding the secretstate with a nonmalleable code while it is stored in memory. 1
Signature schemes with bounded leakage resilience
 In ASIACRYPT
, 2009
"... A leakageresilient cryptosystem remains secure even if arbitrary, but bounded, information about the secret key (or possibly other internal state information) is leaked to an adversary. Denote the length of the secret key by n. We show a signature scheme tolerating (optimal) leakage of up to n − nǫ ..."
Abstract

Cited by 40 (1 self)
 Add to MetaCart
(Show Context)
A leakageresilient cryptosystem remains secure even if arbitrary, but bounded, information about the secret key (or possibly other internal state information) is leaked to an adversary. Denote the length of the secret key by n. We show a signature scheme tolerating (optimal) leakage of up to n − nǫ bits of information about the secret key, and a more efficient onetime signature scheme that tolerates leakage of ( 1 4 −ǫ) ·n bits of information about the signer’s entire state. The latter construction extends to give a leakageresilient ttime signature scheme. All these constructions are in the standard model under general assumptions. 1
Provably Secure HigherOrder Masking of AES
 In CHES 2010, volume 6225 of LNCS
, 2010
"... Abstract. Implementations of cryptographic algorithms are vulnerable to Side Channel Analysis (SCA). To counteract it, masking schemes are usually involved which randomize keydependent data by the addition of one or several random value(s) (the masks). When dthorder masking is involved (i.e. when ..."
Abstract

Cited by 40 (3 self)
 Add to MetaCart
(Show Context)
Abstract. Implementations of cryptographic algorithms are vulnerable to Side Channel Analysis (SCA). To counteract it, masking schemes are usually involved which randomize keydependent data by the addition of one or several random value(s) (the masks). When dthorder masking is involved (i.e. when d masks are used per keydependent variable), the complexity of performing an SCA grows exponentially with the order d. The design of generic dthorder masking schemes taking the order d as security parameter is therefore of great interest for the physical security of cryptographic implementations. This paper presents the first generic dthorder masking scheme for AES with a provable security and a reasonable software implementation overhead. Our scheme is based on the hardwareoriented masking scheme published by Ishai et al. at Crypto 2003. Compared to this scheme, our solution can be efficiently implemented in software on any generalpurpose processor. This result is of importance considering the lack of solution for d � 3. 1
Algebraic SideChannel Attacks on the AES: Why Time also Matters in DPA
"... Algebraic sidechannel attacks have been recently introduced as a powerful cryptanalysis technique against block ciphers. These attacks represent both a target algorithm and its physical information leakages as an overdefined system of equations that the adversary tries to solve. They were first ap ..."
Abstract

Cited by 28 (3 self)
 Add to MetaCart
Algebraic sidechannel attacks have been recently introduced as a powerful cryptanalysis technique against block ciphers. These attacks represent both a target algorithm and its physical information leakages as an overdefined system of equations that the adversary tries to solve. They were first applied to PRESENT because of its simple algebraic structure. In this paper, we investigate the extent to which they can be exploited against the AES Rijndael and discuss their practical specificities. We show experimentally that most of the intuitions that hold for PRESENT can also be observed for an unprotected implementation of Rijndael in an 8bit controller. Namely, algebraic sidechannel attacks can recover the AES master key with the observation of a single encrypted plaintext and they easily deal with unknown plaintexts/ciphertexts in this context. Because these attacks can take advantage of the physical information corresponding to all the cipher rounds, they imply that one cannot trade speed for code size (or gate count) without affecting the physical security of a leaking device. In other words, more intermediate computations inevitably leads to more exploitable leakages. We analyze the consequences of this observation on two different masking schemes and discuss its impact on other countermeasures. Our results exhibit that algebraic techniques lead to a new understanding of implementation weaknesses that is different than classical sidechannel attacks.
Achieving leakage resilience through dual system encryption
 In TCC
, 2011
"... In this work, we show that strong leakage resilience for cryptosystems with advanced functionalities can be obtained quite naturally within the methodology of dual system encryption, recently introduced by Waters. We demonstrate this concretely by providing fully secure IBE, HIBE, and ABE systems wh ..."
Abstract

Cited by 27 (5 self)
 Add to MetaCart
In this work, we show that strong leakage resilience for cryptosystems with advanced functionalities can be obtained quite naturally within the methodology of dual system encryption, recently introduced by Waters. We demonstrate this concretely by providing fully secure IBE, HIBE, and ABE systems which are resilient to bounded leakage from each of many secret keys per user, as well as many master keys. This can be realized as resilience against continual leakage if we assume keys are periodically updated and no (or logarithmic) leakage is allowed during the update process. Our systems are obtained by applying a simple modification to previous dual system encryption constructions: essentially this provides a generic tool for making dual system encryption schemes leakageresilient. 1
Fully LeakageResilient Signatures
, 2010
"... A signature scheme is fully leakage resilient (Katz and Vaikuntanathan, ASIACRYPT ’09) if it is existentially unforgeable under an adaptive chosenmessage attack even in a setting where an adversary may obtain bounded (yet arbitrary) leakage information on all intermediate values that are used throu ..."
Abstract

Cited by 23 (3 self)
 Add to MetaCart
A signature scheme is fully leakage resilient (Katz and Vaikuntanathan, ASIACRYPT ’09) if it is existentially unforgeable under an adaptive chosenmessage attack even in a setting where an adversary may obtain bounded (yet arbitrary) leakage information on all intermediate values that are used throughout the lifetime of the system. This is a strong and meaningful notion of security that captures a wide range of sidechannel attacks. One of the main challenges in constructing fully leakageresilient signature schemes is dealing with leakage that may depend on the random bits used by the signing algorithm, and constructions of such schemes are known only in the randomoracle model. Moreover, even in the randomoracle model, known schemes are only resilient to leakage of less than half the length of their signing key. In this paper we construct the first fully leakageresilient signature schemes without random oracles. We present a scheme that is resilient to any leakage of length (1 − o(1))L bits, where L is the length of the signing key. Our approach relies on generic cryptographic primitives, and at the same time admits rather efficient instantiations based on specific numbertheoretic
Publickey encryption schemes with auxiliary inputs
 In TCC. 2010. [Fei02] U. Feige. Relations
"... Abstract. We construct publickey cryptosystems that remain secure even when the adversary is given any computationally uninvertible function of the secret key as auxiliary input (even one that may reveal the secret key informationtheoretically). Our schemes are based on the decisional DiffieHellma ..."
Abstract

Cited by 22 (7 self)
 Add to MetaCart
(Show Context)
Abstract. We construct publickey cryptosystems that remain secure even when the adversary is given any computationally uninvertible function of the secret key as auxiliary input (even one that may reveal the secret key informationtheoretically). Our schemes are based on the decisional DiffieHellman (DDH) and the Learning with Errors (LWE) problems. As an independent technical contribution, we extend the GoldreichLevin theorem to provide a hardcore (pseudorandom) value over large fields. 1
Securing computation against continuous leakage
 In CRYPTO
, 2010
"... Abstract. We present a general method to compile any cryptographic algorithm into one which resists side channel attacks of the only computation leaks information variety for an unbounded number of executions. Our method uses as a building block a semantically secure subsidiary bit encryption scheme ..."
Abstract

Cited by 22 (2 self)
 Add to MetaCart
Abstract. We present a general method to compile any cryptographic algorithm into one which resists side channel attacks of the only computation leaks information variety for an unbounded number of executions. Our method uses as a building block a semantically secure subsidiary bit encryption scheme with the following additional operations: key refreshing, oblivious generation of cipher texts, leakage resilience regeneration, and blinded homomorphic evaluation of one single complete gate (e.g. NAND). Furthermore, the security properties of the subsidiary encryption scheme should withstand bounded leakage incurred while performing each of the above operations. We show how to implement such a subsidiary encryption scheme under the DDH intractability assumption and the existence of a simple secure hardware component. The hardware component is independent of the encryption scheme secret key. The subsidiary encryption scheme resists leakage attacks where the leakage is computable in polynomial time and of length bounded by a constant fraction of the security parameter. 1