Download presentation

Presentation is loading. Please wait.

Published byZion Barrett Modified about 1 year ago

1
Leakage-Resilient Cryptography Microsoft Research & U. Toronto Vinod Vaikuntanathan New Developments and Challenges

2
Secrets Information accessible to one party and not to other(s) Essential to cryptography! TheoryReal life Secrets leak! [Kocher,Jaffe,Jun’98] [Kocher’96] [Quisquater’01] Cache-Timing [Bernstein’05,OST’05]

3
Secrets Leak So, what can we do about it?

4
Leakage-Resilient Cryptography Can we do Crypto with no (perfect) secrecy? Yes (in most cases) A Fundamental Question in the Foundations of Cryptography secret public

5
Three Commandments I.Secrets leak in arbitrary ways. II.Secrets leak from everywhere. III.Secrets leak all the time. (hard-disk, RAM, cache, registers, randomness sources,…) (No protected time periods) (Axioms of Leakage) [Micali-Reyzin’04] (except: leakage is polynomial time computable, and does not betray the entire secret key)

6
Interpreting the Commandments A Simple Interpretation: Bounded Leakage [AGV09] (or, Two Leakage Models) — Total leakage λ < |SK| [AGV09,NS09,KV09,ADW09,ADN+10,…] — Adversary can learn any efficiently computable function L:{0,1}* → {0,1} λ of the secret key (*). sk L(sk) (*) Ideally, leakage from the entire secret state.

7
Interpreting the Commandments A Simple Interpretation: Bounded Leakage [AGV09] (or, Two Leakage Models) — Total leakage λ < |SK| [AGV09,NS09,KV09,ADW09,ADN+10,…] — Adversary can learn any efficiently computable function L:{0,1}* → {0,1} λ of the secret key. Variations: Auxiliary Input Model [DKL’09,DGKPV’10]: L is an uninvertible function of SK Noisy Model [NS’09]: H ∞ (SK | L(SK)) > |SK|- λ

8
Interpreting the Commandments A Realistic Interpretation: Continual Leakage (or, Two Leakage Models) — Rate of Leakage λ (leakage/time period) < |SK| — Adversary can learn any efficiently computable function L i :{0,1}* → {0,1} λ of the secret key at each “time-period” sk L 1 (sk) L 2 (sk) [ISW03MR04,DP08,Pie09,FKPR10,FRRTV10,BKKV10, DHLW10…]

9
Interpreting the Commandments A Realistic Interpretation: Continual Leakage (or, Two Leakage Models) [ISW03MR04,DP08,Pie09,FKPR10,FRRTV10,BKKV10, DHLW10…] — Of course, secret key should be refreshed in each time. — Non-trivial: Refresh SK without changing PK (in public- key systems), or without co-ordination (in SK systems) Observations: — Rate of Leakage λ (leakage/time period) < |SK| — Adversary can learn any efficiently computable function L i :{0,1}* → {0,1} λ of the secret key at each “time-period”

10
Talk Plan PART 1: Bounded Leakage Model –One-way Functions PART 2: Continual Leakage Model PART 3: Some Research Directions –Digital Signatures –Leakage-resilient Compilers, Tamper Resistance,… –Public-key Encryption

11
A Brief History of Leakage in Crypto “We stand on the shoulders of giants…”

12
A Brief History of Leakage in Crypto Privacy Amplification [von Neumann’46,…,Bennett-Brassard- Robert’85] — “Distill an perfectly random shared key from an imperfect one” Bounded Storage/Retrieval Models [Maurer’92,…,Di Crescenzo-Lipton-Walfish’06,Dziembowski’06] Exposure-Resilient Cryptography [Rivest’97, Boyko’98, CDHKS’00,ISW’03,IPSW’06] — Leakage = a subset of bits of SK — We want to tolerate arbitrary (PPT) leakage functions (axiom 1) — More generally, MPC, threshold crypto etc.

13
A Brief History of Leakage in Crypto — “Distill an perfectly random shared key from an imperfect one” Bounded Storage/Retrieval Models [Maurer’92,…,Di Crescenzo-Lipton-Walfish’06,Dziembowski’06] Exposure-Resilient Cryptography [Rivest’97, Boyko’98, CDHKS’00,ISW’03,IPSW’06] Proactive Cryptography [HJKY’95, HJJKY’97, R’98] — “How to cope with perpetual leakage” (a continual leakage model) Privacy Amplification [von Neumann’46,…,Bennett-Brassard- Robert’85]

14
[Ishai-Sahai-Wagner2003] [Micali-Reyzin2004] [Dodis-Ong-Prabhakaran-Sahai2004] [Ishai-Prabhakaran-Sahai-Wagner2006] [Dziembowski-Pietrzak2008] [Akavia-Goldwasser-V.2009] [Pietrzak2009] [Dodis-Kalai-Lovett2009] [Naor-Segev2009] [Dodis-Goldwasser-Kalai-Peikert-V.2009] [Katz-V.2009] [Faust-Kiltz-Pietrzak-Rothblum2009] [Alwen-Dodis-Wichs2009] [Goldwasser-Kalai-Peikert-V.2010] [Alwen-Dodis-Naor-Segev-Walfish-Wichs2009] [Juma-Vahlis.2010] [Faust-Rabin-Reyzin-Tromer-V.2010] [Brakerski-Kalai-Katz-V.2010] [Goldwasser-Rothblum.2010] [Dodis-Haralambiev-Lopez-alt-Wichs.2010] [Lewko-Waters.2010] [Chow-Dodis-Rouselakis-Waters.2010] [Boyle-Wichs-Segev.2011] [Kiltz-Pietrzak.2011] [Malkin-Teranishi-Vahlis-Yung.2011] [Jain-Pietrzak.2011] [Halevi-Lin.2011] [Lewko-Rouselakis-Waters.2011] [Lewko-Lewko-Waters.2011] …

15
Bounded Leakage

16
Leakage-Resilient One-way Functions Easy Observation: “Hardness Leakage-resilience” –Similar connections for other primitives (enc,sig,…) –Need 2 O(n) -hardness to get O(n)-LR.

17
Leakage-Resilient One-way Functions Theorem [KV09,ADW09]: If there are Universal One-way Hash Functions, then there are LR one-way functions. –Corollary [NY89,Rom90]: If OWF exist, then LR OWFs exist.

18
Leakage-Resilient One-way Functions Proof: Information-theoretic + Crypto techniques A Blue-print for most leakage-resilience proofs

19
Leakage-Resilient One-way Functions Proof: reduction (UOWHF-breaker) adversary

20
Leakage-Resilient One-way Functions Proof: reduction adversary y=f(x) x — H ∞ (x) = n — Adversary returns x'≠x w.p ≥ 1/2 → breaks UOWHF

21
A Blueprint for Leakage Proofs — Problem with many solutions — Hard: given one solution, find another — Security redn has one soln, computes leakage using that — Adversary doesn’t have enough info to pin-point the solution — Adversary returns a different soln, unwittingly solves the hard problem (information-theoretic argument) (computational argument)

22
An Open Question Theorem [KV09,ADW09]: Any Universal One-way Hash Fn (uowhf) f:{0,1} n → {0,1} n-L-1 is an L-leakage-resilient OWF. xy=F(x) Is there an leakage-resilient injective OWF? Show injective OWF = injective LR-OWF (or, separation?) OPEN:

23
Leakage-Resilient Signatures PK Sign SK (m) L(SK ) L m Cannot produce sign for a new m* sk

24
Leakage-Resilient Signatures Theorem [KV09]: λ -leakage-resilient OWF (+simulation- extractable NIZK [S99,DDOPS01]) → λ -leakage-resilient signatures Sign(m): SimExt-NIZK m for “ ∃ x s.t PK contains h(x)” SK: x PK: (f,y=f(x),CRS nizk ), where f is an λ -LR OWF, — Signature contains no (computational) info. on SK — Forgery ⇒ extract a secret-key. Proof Idea: Sim-Ext — Break LR OWF. similar to [Bellare-Goldwasser’92]

25
LR Signatures: Subsequent Results [ADW09]: Fiat-Shamir transform + LR OWFs → LR- Sigs in the random oracle model. [DHLW10]: Efficient LR Sigs without random oracles (using bilinear maps). [BKK V 10,DHLW10]: Continual LR Sigs [BSW11,MTVY11]: (continual) LR Sigs where the randomness used for signing can leak as well. [LLW10]: Continual LR Sigs where the key update phase leaks as well

26
Leakage-Resilient Public-key Encryption (cpa) PK L(SK ) L sk Enc(b) (b← $ {0,1}) Cannot predict b

27
– [AGV09]: based on Lattices – [NS09,DGKPV10] based on Diffie-Hellman (show that [Regev05,GPV08] is leakage-resilient) (show that [BHHO08] is leakage-resilient) – [NS09] from any hash proof system [CS02] Leakage-Resilient Public-key Encryption Theorem: For every λ < |SK| - secparam, (cpa-secure) public-key encryption that tolerates λ bits of leakage:

28
Adv. breaks cpa-security Construction Outline Old Idea: One Public Key, many possible Secret Keys PK Public Key Space Secret Key space Hard Problem: Given one SK, find another. For starters: Adv. finds sk. – Reduction knows one SK, simulates leakage from it – Adv. gets pk+leakage → not enough info to fully specify SK – Adv. finds SK′ ≠ SK → breaks hard problem. Proof:

29
Adv. breaks cpa-security Construction Outline Old Idea: One Public Key, many possible Secret Keys For starters: Adv. finds sk. M DEC M C ENC PK M M ► Correctness All secret keys decrypt C to the same message

30
Adv. breaks cpa-security Construction Outline Old Idea: One Public Key, many possible Secret Keys New Idea: REAL Encryption vs. FAKE Encryption PK C Fake ENC M C Real ENC DEC M1M1 M3M3 M2M2 ► Different secret keys decrypt c to different messages ► and yet, Fake ≈ Real (even given an SK) ≈

31
Security Proof L(SK) M1M1 M3M3 M2M2 C Fake ENC “Fake World” ??? “Real World” M MC Real ENC PK DEC

32
LR Public-key Encryption: Subsequent Results [NS09]: CPA-secure → CCA-secure with the same leakage-resilience (idea: use Naor-Yung) [AGV09,ADN+10,CDRW10]: leakage-resilient IBE (with leakage from the user secret keys). [LW10]: leakage-resilient IBE (with leakage from the master secret key as well), LR HIBE, ABE etc. [BKK V 10,DHLW10]: Continual LR Encryption [LLW10]: Continual LR Enc where the key update phase leaks as well [HL11]: “After-the-fact” Leakage

33
Continual Leakage

34
Continual LR Public-key Encryption Unbounded leakage, but bounded in each time period Challenge: keep the public key the same Solution idea: “refresh” (randomize) the secret key sk 1 L 1 (sk 1 ) L 2 (sk 2 ) sk 2 – users (encryptors) are oblivious of the updates!

35
Continual LR Public-key Encryption Theorem: [BKKV10] CLR-secure public-key encryption schemes that tolerate (in every time step): – (1/2-ε)|SK| leakage, based on decisional linear – (1-ε)|SK| leakage, based on symmetric external DH assumptions in bilinear groups. sk 1 L 1 (sk 1 ) L 2 (sk 2 ) sk 2

36
Continual LR Public-key Encryption Other Results: [BKKV10]: CLR-secure signatures and IBE (with leakage from user secret keys) Concurrently, [DHLW10]: efficient CLR-secure signatures, ID schemes and AKA schemes sk 1 L 1 (sk 1 ) L 2 (sk 2 ) sk 2 [LLW11]: tolerates large leakage from updates

37
Continual LR Public-key Encryption How to update SK? (without changing PK) pk sk space First Idea: Resample from the key-space! PROBLEM: This is supposed to be hard! sk 1 sk 2 sk 3 sk 4 L 1 (SK 1 ) L 2 (SK 2 ) L 3 (SK 3 ) L 4 (SK 4 )

38
New Idea: “Neighborhood of SKs” Given a secret key: –Easy to resample inside neighborhood. –Hard to find a secret key outside of neighborhood. pk corresp. sk space Sampling in neighborhood ≈ c entire space. Adv. can’t tell the difference. “Proof” outline: –Reduction knows sk and updates in neighborhood. –To Adv., updates “look like” from entire space. –Even given leakage, Adv. cannot recover any leaked key entirely will have to come up with new sk’≠sk. –WHP sk’ not in neighborhood breaks hard problem.

39
Some Open Questions

40
SO FAR: Designed SPECIFIC crypto primitives (sigs.,enc.) secure against continual leakage QUESTION: Any circuit → Continual Leakage-resilient circuit — Yao/GMW/BGW/CCD for leakage-resilient crypto Foundational Questions — Automatically leakage-proof commonly used cryptosystems, e.g., RSA / AES

41
Foundational Questions Many Partial Results [Ishai-Sahai-Wagner’03] : Any circuit → “Probing-resilient” circuit secure against leakage of ≤ t wires [FRRT V ’09] : Any circuit → circuit secure against AC 0 leakage [JV’10,GR’10] : Any circuit → circuit secure against polynomial-time leakage (assuming a small piece of secure hardware) (assuming a small piece of secure hardware + secure memory) OPEN: a compiler against general leakage functions (without secure hardware) [BGIRSVY’00,Imp’10] : This has connections to program obfuscation!

42
Practical Questions In theory, we have practical constructions – How about truly practical constructions? (e.g. [YSPY’10]) – Perhaps relax the model in a meaningful way Given a side-channel attack, how much information does it leak? [SVO+10] model reality

43
To Conclude… Tons of Open Problems — Parallel Repetition for Leakage Amplification [DW,LW]: Suppose scheme S tolerates L bits. Can we “repeat it in parallel” n times and get nL bit leakage-tolerance? — Tamper Resistance [IPSW, GLMMR, DPW, Malkin et al.]: Many attacks, Boneh-Lipton, Shamir’s bug attacks... Very Active Field, Lots of work recently! Information-theoretic + Computational Techniques Entropy

44
Thanks! Questions? You can find me here …

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google