Presentation is loading. Please wait.

Presentation is loading. Please wait.

NON-MALLEABLE CODES AND TAMPER-RESILIENT SECURITY ( ICS 2010 ) Joint work with: Stefan Dziembowski, Krzysztof Pietrzak Speaker: Daniel Wichs.

Similar presentations


Presentation on theme: "NON-MALLEABLE CODES AND TAMPER-RESILIENT SECURITY ( ICS 2010 ) Joint work with: Stefan Dziembowski, Krzysztof Pietrzak Speaker: Daniel Wichs."— Presentation transcript:

1 NON-MALLEABLE CODES AND TAMPER-RESILIENT SECURITY ( ICS 2010 ) Joint work with: Stefan Dziembowski, Krzysztof Pietrzak Speaker: Daniel Wichs

2 Physical Attacks  Leakage: Adv observes physical output of the device.  Tampering: Adv modifies internal state and interacts with tampered device.

3 Example Signature infrastructure using secure tokens (no PKI).  All tokens have the same secret signing key sk.  Each token has a unique userID.  On input message m, token signs (userID, m). (userID, sk) m Sign sk (userID, m)

4 Example: Can we attack scheme with simple physical attacks?  Attack 1 (RSA sig): Leaking a random 27% of bits of RSA key lets you factor! [HS09]  Attack 2 (RSA sig): Introduce single faulty bit during signing. Use resulting sig to factor the RSA modulus. [BDL97]  Attack 3 (any sig): Eve tampers userID = “Eve” to userID = “Eva” by flipping a few bits. Impersonates Eva. Sign sk (userID, m)

5 Lessons from Example  Tampering attacks can be just as devastating as leakage attacks.  Cannot only focus on tamper-resilience for cryptographic primitives.

6 Algorithmic Protection Want: A general compiler that takes a circuit G with state s and creates a circuit G’ with state s’ such that:  (G, s) acts the same as (G’, s’)  Tampering with (G’, s’) via some well-defined family F of attacks is useless.

7 Algorithmic Protection Tampering of memory and computation Tampering of memory GLMMR04 IPSW06 Circuit Memory input output Circuit Memory input output This talk

8 Algorithmic Protection  Q: Why study tampering of (only) memory?  Simpler. Need to understand it first.  Leads to a very natural coding-theory question of independent interest.  Might be reasonable in practice.

9 Code-based Solution Circuit G’ c = Enc(s) Decode s= Dec(c). Evaluate G(s). G’= Circuit G s Original Functionality (G, s) Compiled Functionality (G’, c)

10 Talk Outline  Definition of non-malleable codes.  General (im)possibility results for nm-codes.  Efficient non-malleable codes.  Bit-wise independent tampering.  Results in the RO model.  Application to tamper-resilient security:  Formal model of tamper-resilience.  Application of non-malleable codes.  Comparison to prior work.

11 Coding Schemes  Encoding can be randomized: c = Enc(s;r).  Correctness: Dec(Enc(s)) = s with probability 1. Enc sc source messagecodeword randomized encoding Dec decoding s decoded message

12 The “Tampering Experiment” EncDec sc source message c* s* decoded message  Tampering function f 2 F chosen adversarially.  Independent of randomness of encoding. F={}, f1f1 f2f2, f3f3 tamper f =f(c)

13 The “Tampering Experiment” Goal: For “interesting” families F, design coding scheme (Enc, Dec) which provides “meaningful guarantees” about the outcome s*. EncDec sc c* s* tamper F

14 Error-Correction  Error-Correction: require that s* = s  Error-Correcting Codes for Hamming Distance: The family F = {f s.t. 8 x dist(x, f(x)) < d }  No randomness in Enc.  Limitations: Cannot be achieved for even small/simple families F. (e.g. even the single function f that maps all values to 0). EncDec sc c* s* tamper F

15 Error-Detection  Error-Detection: require that s* 2 {s, ? } (with overwhelming probability).  Problem: Might learn something about s if s* = ?.  Limitation: Cannot be achieved for some even small/simple families F. (e.g. family all “constant” functions f c (x) = c). EncDec sc c* s* tamper F

16 New notion: Non-Malleability  Non-Malleability: either s*= s or s* is “unrelated” to s.  Analogous to non-malleability in cryptography [DDN91].  Harder to define formally (stay tuned).  Examples of “malleability”:  The value s* is same as s, except with 3 rd bit flipped.  If s begins with 0, then s* = s. Otherwise s* = ?.  Hope: non-malleability achievable for many rich families F. EncDec sc c* s* tamper F

17 Defining Non-Malleability (Attempt 1)  Tampering via f 2 F does not reveal information. Can answer following without knowing s:  Does your tampering change the codeword c?  If so, what is new message s* = Dec(c*). c à Enc(s 0 ) c* à f(c) If c* = c say “same” else say Dec (c*) ¼ Definition: A code (Enc, Dec) is non-malleable w.r.t. a family F if 8 f 2 F 8 s 0, s 1 : c à Enc(s 1 ) c* à f(c) If c* = c say “same” else say Dec (c*) Problem: Unnecessarily strong! Not satisfied by error-correcting codes.

18 Defining Non-Malleability s* Ã D f if s* = “same” output s else output s*. s* Ã Dec ( f(Enc(s)) ) ¼ Definition: A code (Enc, Dec) is non-malleable w.r.t. a family F if 8 f 2 F 9 simulator D f such that 8 s:  Tampering via f 2 F does not reveal information. Can “simulate” the answer to following questions:  Did the message s stay the same?  If no, what is the new message s*?

19 Talk Outline  Definition of non-malleable codes.  General (im)possibility results for nm-codes.  Efficient non-malleable codes.  Bit-wise independent tampering.  Results in the RO model.  Application to tamper-resilient security:  Formal model of tamper-resilience.  Application of non-malleable codes.  Comparison to prior work.

20 General Impossibility Non-Malleability  For every coding scheme (Enc, Dec) there exists a single function f, for which the scheme is malleable.  f(c) = Enc(Dec(c) + 1).  Bad f depends heavily on (Enc, Dec).  Corollaries:  No coding scheme (Enc, Dec) (with n bit codewords), is non- malleable w.r.t. F all = { all f : {0,1} n ! {0,1} n }.  No efficient coding scheme is non-malleable w.r.t. all efficient functions.

21 General Possibility of Non-Malleability For every “small enough” family F, there exists a nm-code w.r.t F. “small enough” F: log(log(|F|)) < n. Note: log(log(|F all |)) = n + log(n). For every “small enough” family F, there exists a nm-code w.r.t F. “small enough” F: log(log(|F|)) < n. Note: log(log(|F all |)) = n + log(n). Theorem: Proved using the probabilistic method. Not efficient…

22  Use “random code” with k-bit messages and n-bit codewords.  Choose the function Dec : {0,1} n ! {0,1} k uniformly at random.  Define Enc(s) to sample uniform {c s.t. Dec(c) = s}.  For any fixed family F, a “random code” is non-malleable w.r.t. F with overwhelming probability if: n > log(log (|F|)) + 3k  Notice: rate is 1/3, even for small F. Optimality?  Question: What can we do efficiently? General Possibility of Non-Malleability

23 Talk Outline  Definition of non-malleable codes.  General (im)possibility results for nm-codes.  Efficient non-malleable codes.  Bit-wise independent tampering.  Results in the RO model.  Application to tamper-resilient security:  Formal model of tamper-resilience.  Application of non-malleable codes.  Comparison to prior work.

24 Bit-wise independent tampering  Every bit of the codeword can be tampered arbitrarily, but independently of the value of other bits.  Tampering functions f = (f 1,…,f n ) and f(c) = f 1 (c 1 ),…,f n (c n ).  f i : {0,1} ! {0,1} can be arbitrary. Four options for each f i : “keep”, “flip”, “set to 0”, “set to 1”.  Bit-wise independent tampering contains:  All constant functions: f c (x) = c (only “set to 0/1”).  All “constant error” functions : f ¢ (x) = x + ¢ (only “keep/flip”).

25 Tool 1: AMD Codes  Algebraic Manipulation Detection codes: [CDFPW08] A coding scheme (AE, AD) is AMD code if for any s, ¢  0 Pr[AD( AE(s) + ¢ )  ? ] = negligible.  Achieves error-detection for “keep”/“flip”.  Does not protect against “set to 0”/“set to 1”. Definition:

26 Tool 2: Secret Sharing  LECSS: Linear Error-Correcting Secret Sharing (SSE, SSD).  Linearity: SSE(s 1 + s 2 ) = SSE(s 1 ) + SSE(s 2 )  t-Privacy: Any t bits of SSE(s) are mutually random.  d-Distance: Any c  0 s.t. weight H (c) < d, SSD(c) = ?. Definition:

27 Bit-wise independent tampering: Construction Given: AMD code (AE, AD). LECSS (SSE, SSD) with d/n > ¼ and t = ! (log(n)). The code: Enc(s) = SSE( AE(s) ), Dec(c) = AD( SSD(c) ) is non-malleable for bit-wise independent tampering. Given: AMD code (AE, AD). LECSS (SSE, SSD) with d/n > ¼ and t = ! (log(n)). The code: Enc(s) = SSE( AE(s) ), Dec(c) = AD( SSD(c) ) is non-malleable for bit-wise independent tampering. Theorem:

28 Bit-wise independent tampering: Proof  4 cases based on q= # of f i that are “set to 0”/”set to 1” s AMD Code LECSS c c* = f(c) f Set to 0 Set to 1 keep Set to 0 flip 0 1 c c c c1c1 c2c2 c3c3 c4c4 c5c5 c6c6

29 Bit-wise independent tampering: Proof  Case 1: n - t · q : Just samples Dec(c*).  OK since c* is completely unrelated to s (t-privacy). s AMD Code LECSS c c* = f(c) Set to 0/1 Keep/flip Uniformly random!

30 Bit-wise independent tampering: Proof  Case 2: n/2 · q < n - t: Just outputs ?.  Unlikely that DSS(c*)  ?. (distance/privacy). s AMD Code LECSS c Set to 0/1 Keep/flip c* = f(c) t-wise independent. few valid codewords.

31 Bit-wise independent tampering: Proof  Case 3: t · q < n/2: Just outputs ?.  Consider ¢ = c* - c. Same argument as previous case (linearity). s AMD Code LECSS c Set to 0/1 Keep/flip ¢ = c* - c t-wise independent. few valid codewords.

32 Bit-wise independent tampering: Proof  Case 4: q · t: Samples DSS( ¢ ). If 0 output “same” else ?.  ¢ is independent of AMD randomness.  If ¢  0 AMD code rejects. s AMD Code LECSS cs’ Set to 0/1 Keep/flip Uniformly random! ¢ = c* - c

33 Bit-wise independent tampering: Instantiation  Recall, instantiation needs:  LECSS (SSE, SSD) with distance d/n > ¼ and t = ! (log(n)).  AMD code (AE, AD)  AMD codes with extremely high rate [CDFPW08].  LECSS schemes?  Ramp version of Shamir secret sharing does not get d/n > ¼.  Use random linear code. (d = distance, t = dual distance).  Not explicit, but efficient: we never need to correct errors!  Parameters: Rate of final instantiation of (Enc, Dec) is k/n ¼ (1-H(.25)) ¼.19  Optimality?

34 Non-malleable Codes in the Random Oracle Model  Can we instantiate a random code efficiently?  Use a cryptographic hash function modeled as a Random Oracle.  Cheat: gives us an “efficient” way to compute a random function.  Also give this power to the adversary, tampering functions f.  Each bit of f(c) depends on some subset (e.g. 90%) of the bits of c. In the RO model, get efficient nm-codes for any “small family” F, which is “closed under oracle access”. (Access to an oracle does not change the family) In the RO model, get efficient nm-codes for any “small family” F, which is “closed under oracle access”. (Access to an oracle does not change the family) Theorem:

35 Talk Outline  Definition of non-malleable codes.  General (im)possibility results for nm-codes.  Efficient non-malleable codes.  Bit-wise independent tampering.  Results in the RO model.  Application to tamper-resilient security:  Formal model of tamper-resilience.  Application of non-malleable codes.  Comparison to prior work.

36 Tamper-Resilient Security Circuit G’ c = Enc(s) Decode s= Dec(c). Evaluate G(s). G’= Circuit G s Original Functionality (G, s) Compiled Functionality (G’, c)

37 Tamper-Resilient Security Circuit G’ c = Enc(s) Circuit G s Original Functionality (G, s) Compiled Functionality (G’, c) Tamper: f 2 F adv

38 Tamper-Resilient Security Circuit G’ c* Circuit G s Original Functionality (G, s) Compiled Functionality (G’, c) Tamper: f 2 F adv

39 Tamper-Resilient Security Circuit G’ c* Circuit G s Original Functionality (G, s) Compiled Functionality (G’, c) Tamper: f 2 F Input xOutput y adv State is re-encoded (reactive) Input x Output y Simulator ¼

40 Tamper-Resilient Security Theorem: If (Enc, Dec) is non- malleable w.r.t. F then our compiler is tamper-resilient w.r.t. F

41 Comparison to Prior Work  Same assumption: tampers memory, but not computation.  Main solution: use signatures.  Sign the state.  Verify signature on each invocation. If fail, stop working.  Does not satisfy our definition of tamper-resilient security.  e.g. Set the first bit of state to 0. See if device stops working.  Works for signature/encryption scheme (limitations).  Device cannot update its state (requires secret key).  Allows all efficient tampering strategies! Algorithmic Tamper-Proof Security [GLMMR04]

42 Comparison to Prior Work  Stronger model: adversary can tamper with the wire- values during a computation of a circuit.  Same strong definition of security using a simulator.  Limited to tampering functions which only modify some small subset of the wires (or set wires to 0). Private Circuits (II) [IPSW06]

43 Conclusions  Define non-malleable codes.  Construct non-malleable codes for:  All “small” families of tampering function (inefficient).  Bit-wise independent tampering (efficient).  Complex families closed under oracle access. (efficient in RO model).  Connect non-malleable codes to tamper-resilient security.  Open Questions:  More efficient constructions of non-malleable codes for other families.  Optimal rates?  Results in the stronger model of [ISPW06].


Download ppt "NON-MALLEABLE CODES AND TAMPER-RESILIENT SECURITY ( ICS 2010 ) Joint work with: Stefan Dziembowski, Krzysztof Pietrzak Speaker: Daniel Wichs."

Similar presentations


Ads by Google