leakage-resilient cryptography
![Page 1: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/1.jpg)
Leakage-Resilient Cryptography
Microsoft Research & U. Toronto
Vinod Vaikuntanathan
New Developments and Challenges
![Page 2: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/2.jpg)
Secrets
Information accessible to one party and not to other(s)
Essential to cryptography!
Theory vs. real life: secrets leak!
– Timing attacks [Kocher’96]
– Power analysis [Kocher,Jaffe,Jun’98]
– Electromagnetic analysis [Quisquater’01]
– Cache-timing [Bernstein’05,OST’05]
![Page 3: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/3.jpg)
Secrets Leak
So, what can we do about it?
![Page 4: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/4.jpg)
Leakage-Resilient Cryptography
Can we do Crypto with no (perfect) secrecy?
Yes (in most cases)
A Fundamental Question in the Foundations of Cryptography
![Page 5: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/5.jpg)
Three Commandments (Axioms of Leakage) [Micali-Reyzin’04]
I. Secrets leak in arbitrary ways. (except: leakage is polynomial time computable, and does not betray the entire secret key)
II. Secrets leak from everywhere. (hard-disk, RAM, cache, registers, randomness sources,…)
III. Secrets leak all the time. (No protected time periods)
![Page 6: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/6.jpg)
Interpreting the Commandments
A Simple Interpretation: Bounded Leakage [AGV09]
(or, Two Leakage Models)
— Total leakage λ < |SK| [AGV09,NS09,KV09,ADW09,ADN+10,…]
— Adversary can learn any efficiently computable function L:{0,1}* → {0,1}^λ of the secret key(*).
(*) Ideally, leakage from the entire secret state.
![Page 7: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/7.jpg)
Interpreting the Commandments
A Simple Interpretation: Bounded Leakage [AGV09], continued
Variations:
— Auxiliary Input Model [DKL’09,DGKPV’10]: L is an uninvertible function of SK
— Noisy Model [NS’09]: H∞(SK | L(SK)) > |SK| − λ
![Page 8: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/8.jpg)
Interpreting the Commandments
A Realistic Interpretation: Continual Leakage
(or, Two Leakage Models)
— Rate of Leakage λ (leakage/time period) < |SK|
— Adversary can learn any efficiently computable function L_i:{0,1}* → {0,1}^λ of the secret key at each “time-period”
[ISW03, MR04, DP08, Pie09, FKPR10, FRRTV10, BKKV10, DHLW10, …]
![Page 9: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/9.jpg)
Interpreting the Commandments
A Realistic Interpretation: Continual Leakage, continued
Observations:
— Of course, the secret key should be refreshed in each time period.
— Non-trivial: Refresh SK without changing PK (in public-key systems), or without co-ordination (in SK systems)
![Page 10: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/10.jpg)
Talk Plan
PART 1: Bounded Leakage Model
– One-way Functions
– Digital Signatures
– Public-key Encryption
PART 2: Continual Leakage Model
PART 3: Some Research Directions
– Leakage-resilient Compilers, Tamper Resistance,…
![Page 11: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/11.jpg)
A Brief History of Leakage in Crypto
“We stand on the shoulders of giants…”
![Page 12: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/12.jpg)
A Brief History of Leakage in Crypto
Privacy Amplification [von Neumann’46,…,Bennett-Brassard-Robert’85]
— “Distill a perfectly random shared key from an imperfect one”
Bounded Storage/Retrieval Models [Maurer’92,…,Di Crescenzo-Lipton-Walfish’06,Dziembowski’06]
Exposure-Resilient Cryptography [Rivest’97, Boyko’98, CDHKS’00, ISW’03, IPSW’06]
— Leakage = a subset of bits of SK
— We want to tolerate arbitrary (PPT) leakage functions (axiom 1)
— More generally, MPC, threshold crypto etc.
![Page 13: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/13.jpg)
A Brief History of Leakage in Crypto (continued)
Proactive Cryptography [HJKY’95, HJJKY’97, R’98]
— “How to cope with perpetual leakage” (a continual leakage model)
![Page 14: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/14.jpg)
[Ishai-Sahai-Wagner 2003], [Micali-Reyzin 2004], [Dodis-Ong-Prabhakaran-Sahai 2004], [Ishai-Prabhakaran-Sahai-Wagner 2006], [Dziembowski-Pietrzak 2008],
[Akavia-Goldwasser-V. 2009], [Pietrzak 2009], [Dodis-Kalai-Lovett 2009], [Naor-Segev 2009], [Dodis-Goldwasser-Kalai-Peikert-V. 2009], [Katz-V. 2009], [Faust-Kiltz-Pietrzak-Rothblum 2009], [Alwen-Dodis-Wichs 2009], [Goldwasser-Kalai-Peikert-V. 2010], [Alwen-Dodis-Naor-Segev-Walfish-Wichs 2009],
[Juma-Vahlis 2010], [Faust-Rabin-Reyzin-Tromer-V. 2010], [Brakerski-Kalai-Katz-V. 2010], [Goldwasser-Rothblum 2010], [Dodis-Haralambiev-Lopez-Alt-Wichs 2010], [Lewko-Waters 2010], [Chow-Dodis-Rouselakis-Waters 2010],
[Boyle-Wichs-Segev 2011], [Kiltz-Pietrzak 2011], [Malkin-Teranishi-Vahlis-Yung 2011], [Jain-Pietrzak 2011], [Halevi-Lin 2011], [Lewko-Rouselakis-Waters 2011], [Lewko-Lewko-Waters 2011], …
![Page 15: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/15.jpg)
Bounded Leakage
![Page 16: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/16.jpg)
Leakage-Resilient One-way Functions
Easy Observation: “Hardness ⇒ Leakage-resilience”
– Similar connections for other primitives (enc, sig, …)
– Need 2^{O(n)}-hardness to get O(n)-LR.
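Why hardness buys leakage-resilience, and why the size of the hardness matters, as an added derivation that is not on the slides: take an adversary A that inverts f when given λ bits of leakage, and build a plain inverter B that simply guesses the leakage.

```latex
\text{Let } A \text{ invert } f \text{ with } \lambda\text{-bit leakage: }\quad
\Pr_{x \leftarrow \{0,1\}^n}\big[A(f(x), L(x)) \in f^{-1}(f(x))\big] = \delta .

B(y):\ \text{pick } \ell \leftarrow \{0,1\}^{\lambda} \text{ uniformly, output } A(y,\ell).

\Pr_{x,\ell}\big[B(f(x)) \in f^{-1}(f(x))\big]
\;\ge\; \Pr[\ell = L(x)] \cdot \Pr\big[A(f(x), L(x)) \in f^{-1}(f(x))\big]
\;=\; 2^{-\lambda}\,\delta
\quad (\ell \text{ is independent of } x).

\text{If every poly-time inverter of } f \text{ succeeds w.p. at most } \varepsilon, \text{ then } \delta \le 2^{\lambda}\varepsilon ,

\text{so } \lambda = \Theta(n) \text{ bits of leakage with negligible } \delta \text{ requires } \varepsilon = 2^{-\Theta(n)},
\ \text{i.e. exponential } (2^{\Omega(n)}) \text{ hardness.}
```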
![Page 17: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/17.jpg)
Leakage-Resilient One-way Functions
Theorem [KV09,ADW09]: If there are Universal One-way Hash Functions, then there are LR one-way functions.
– Corollary [NY89,Rom90]: If OWF exist, then LR OWFs exist.
![Page 18: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/18.jpg)
Leakage-Resilient One-way Functions
Proof:
Information-theoretic + Crypto techniques
A Blue-print for most leakage-resilience proofs
![Page 19: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/19.jpg)
Leakage-Resilient One-way Functions
Proof: reduction (UOWHF-breaker)
– The reduction receives (f, x) and must output x′ ≠ x s.t. f(x′) = f(x).
– It runs the adversary on (f, f(x), L(x)) and outputs the x′ the adversary returns.
![Page 20: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/20.jpg)
Leakage-Resilient One-way Functions
Proof: reduction
– x ← {0,1}^n, y = f(x); the adversary sees (f, f(x), L(x)) and returns x′.
— H∞(x) = n
— H∞(x | f(x)) ≥ n − |f(x)|
— H∞(x | f(x), L(x)) ≥ n − |f(x)| − λ
— H∞(x | f(x), L(x)) ≥ 1 as long as λ ≤ n − |f(x)| − 1, so the view does not determine x
— Adversary returns x′ ≠ x w.p. ≥ 1/2 → breaks UOWHF
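The information-theoretic step of the reduction, carried through as an added derivation that is not on the slides. It assumes f: {0,1}^n → {0,1}^m with m < n (the transcript does not state the output length), the slide's λ-bit leakage L, and a deterministic adversary (fix its coins); H∞(· | ·) is the conditional (average) min-entropy.

```latex
\text{View: } v(x) = (f,\, f(x),\, L(x)), \text{ a deterministic function of } x \text{ once } f \text{ and } L \text{ are fixed.}

S_v = \{\,x : (f, f(x), L(x)) = v\,\}, \qquad x \text{ conditioned on } v \text{ is uniform on } S_v .

H_\infty(x) = n, \qquad
H_\infty(x \mid f(x)) \ge n - m, \qquad
H_\infty(x \mid f(x), L(x)) \ge n - m - \lambda
\quad (\text{conditioning on } k \text{ bits costs at most } k).

\#\{\text{possible } v\} \le 2^{m+\lambda}
\ \Longrightarrow\
\Pr_{x}\big[\,|S_{v(x)}| = 1\,\big] \le \frac{2^{m+\lambda}}{2^{n}} = 2^{-(n-m-\lambda)} .

x' = A(v) \text{ and the event } f(x') = f(x) \text{ depend on } v \text{ only (} f(x) \text{ is part of } v\text{), so}

|S_v| \ge 2 \ \Longrightarrow\ \Pr[\,x' = x \mid v\,] \le \tfrac12 .

\Pr\big[f(x') = f(x) \ \wedge\ x' \ne x\big]
\;\ge\; \tfrac12 \Big( \Pr[A \text{ inverts}] - 2^{-(n-m-\lambda)} \Big) .
```

So with λ ≤ n − m − ω(log n), an adversary inverting w.p. δ gives the reduction a UOWHF collision w.p. at least (δ − negl)/2: the "w.p. ≥ 1/2" on the slide is exactly the conditional bound on views with two or more consistent preimages.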
![Page 21: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/21.jpg)
A Blueprint for Leakage Proofs
— Problem with many solutions
— Hard: given one solution, find another
— Security reduction has one solution, computes leakage using that
— Adversary doesn’t have enough info to pin-point the solution (information-theoretic argument)
— Adversary returns a different solution, unwittingly solves the hard problem (computational argument)
![Page 22: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/22.jpg)
Leakage-Resilient Signatures
Security game: the adversary receives PK, queries a signing oracle Sign_SK(m) on messages m of its choice, and queries leakage functions L to obtain L(SK); it cannot produce a signature for a new message m*.
![Page 23: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/23.jpg)
Leakage-Resilient Signatures
Theorem [KV09]: λ-leakage-resilient OWF (+ simulation-extractable NIZK [S99,DDOPS01]) → λ-leakage-resilient signatures
SK: x
PK: (f, y = f(x), CRS_nizk), where f is a λ-LR OWF
Sign(m): SimExt-NIZK_m for “∃x s.t. PK contains f(x)”
Proof Idea (similar to [Bellare-Goldwasser’92]):
— Signature contains no (computational) info. on SK
— Forgery ⇒ (Sim-Ext) extract a secret key
— ⇒ Break LR OWF.
![Page 24: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/24.jpg)
LR Signatures: Subsequent Results
[ADW09]: Fiat-Shamir transform + LR OWFs → LR-Sigs in the random oracle model.
[DHLW10]: Efficient LR Sigs without random oracles (using bilinear maps).
[BKKV10,DHLW10]: Continual LR Sigs
[BSW11,MTVY11]: (continual) LR Sigs where the randomness used for signing can leak as well.
[LLW10]: Continual LR Sigs where the key update phase leaks as well
![Page 25: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/25.jpg)
Leakage-Resilient Public-key Encryption (cpa)
Security game: the adversary receives PK and L(SK) for leakage functions L of its choice, then a challenge ciphertext Enc(b) for b ←$ {0,1}; it cannot predict b.
![Page 26: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/26.jpg)
Leakage-Resilient Public-key Encryption
Theorem: For every λ < |SK| − secparam, (cpa-secure) public-key encryption that tolerates λ bits of leakage:
– [AGV09]: based on Lattices (show that [Regev05,GPV08] is leakage-resilient)
– [NS09,DGKPV10]: based on Diffie-Hellman (show that [BHHO08] is leakage-resilient)
– [NS09]: from any hash proof system [CS02]
![Page 27: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/27.jpg)
Construction Outline
Old Idea: One Public Key, many possible Secret Keys
Hard Problem: Given one SK, find another.
For starters: assume the Adv. finds sk (rather than breaks cpa-security).
Proof:
– Reduction knows one SK, simulates leakage from it
– Adv. gets pk + leakage → not enough info to fully specify SK
– Adv. finds SK′ ≠ SK → breaks hard problem.
![Page 28: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/28.jpg)
Construction Outline
Old Idea: One Public Key, many possible Secret Keys
For starters: Adv. finds sk (rather than breaks cpa-security).
► Correctness: All secret keys decrypt C = ENC_PK(M) to the same message M
![Page 29: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/29.jpg)
Construction Outline
Old Idea: One Public Key, many possible Secret Keys
New Idea: REAL Encryption vs. FAKE Encryption
► Real: C = RealENC_PK(M); DEC with any of the secret keys returns M
► Fake: C = FakeENC_PK; different secret keys decrypt C to different messages (M1, M2, M3)
► and yet, Fake ≈ Real (even given an SK)
![Page 30: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/30.jpg)
Security Proof
“Real World”: C = RealENC_PK(M), DEC_SK(C) = M; the adversary sees PK, L(SK) and C.
“Fake World”: C = FakeENC_PK; the different secret keys consistent with PK decrypt C to different messages M1, M2, M3, …; the adversary again sees PK, L(SK) and C.
Since Fake ≈ Real even given SK, the two worlds are indistinguishable; and in the fake world the λ bits of leakage do not pin down SK, so the adversary cannot tell which M_i the ciphertext “really” decrypts to.
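To make the Old Idea and New Idea above concrete, here is an added toy example (my code, not from the talk or from any of the cited papers) in the spirit of the [BHHO08]/[NS09] scheme in a tiny prime-order group: every secret key vector s with the same value of Σ a_i·s_i yields the same public key, a real ciphertext decrypts to the same message under all of them, and a fake ciphertext (independent exponents per component) does not. The group parameters, the trapdoor exponents a_i (which only a proof's reduction is assumed to know) and the sample keys are constructed for illustration only.

```python
import random

# ADDED EXAMPLE, not code from the talk: a toy BHHO / Naor-Segev-style scheme
# showing "one public key, many secret keys" and real vs. fake ciphertexts.
# Constructed toy parameters: P = 2*Q + 1 prime, G generates the order-Q subgroup
# of Z_P^*.  They are tiny so the numbers can be checked by hand; no security.
P, Q, G = 23, 11, 2
TRAPDOOR = [3, 5, 7]                        # a_i with g_i = G^a_i; known to the
GENS = [pow(G, a, P) for a in TRAPDOOR]     # proof's reduction, never to users

def pk_of(sk):
    """pk = prod_i g_i^{s_i}; in the exponent this is sum_i a_i*s_i (mod Q),
    so Q^(N-1) distinct secret keys share every public key."""
    pk = 1
    for g, s in zip(GENS, sk):
        pk = pk * pow(g, s, P) % P
    return pk

def another_secret_key(sk, fresh):
    """With the trapdoor, build sk' != sk for the same pk: keep sum a_i*s_i
    (mod Q), choose s'_2.. freely ('fresh') and solve for s'_1.  Without the
    trapdoor, finding sk' is the hard problem the construction rests on."""
    target = sum(a * s for a, s in zip(TRAPDOOR, sk)) % Q
    rest = sum(a * s for a, s in zip(TRAPDOOR[1:], fresh)) % Q
    return [(target - rest) * pow(TRAPDOOR[0], -1, Q) % Q] + list(fresh)

def real_enc(pk, m, r):
    """Real ciphertext: one shared exponent r, so every sk for pk recovers m."""
    return [pow(g, r, P) for g in GENS] + [pow(pk, r, P) * m % P]

def fake_enc(pk, m, rs, r0):
    """Fake ciphertext: independent exponents r_i.  Under DDH-style assumptions
    it looks real, but prod c_i^{s_i} now depends on which sk is used."""
    return [pow(g, r, P) for g, r in zip(GENS, rs)] + [pow(pk, r0, P) * m % P]

def dec(sk, c):
    """m = c_last / prod_i c_i^{s_i}  (mod P)."""
    mask = 1
    for ci, s in zip(c[:-1], sk):
        mask = mask * pow(ci, s, P) % P
    return c[-1] * pow(mask, -1, P) % P

def demo(m=5, seed=0):
    """Random run; returns (same_pk, real_agree, fake_agree) for sk vs sk'."""
    rnd = random.Random(seed)
    sk = [rnd.randrange(Q) for _ in GENS]
    sk2 = another_secret_key(sk, [rnd.randrange(Q) for _ in GENS[1:]])
    pk = pk_of(sk)
    real = real_enc(pk, m, rnd.randrange(1, Q))
    fake = fake_enc(pk, m, [rnd.randrange(1, Q) for _ in GENS], rnd.randrange(1, Q))
    return (pk_of(sk2) == pk,
            dec(sk, real) == m == dec(sk2, real),
            dec(sk, fake) == dec(sk2, fake))      # almost always False
```

With sk = (2, 4, 6) and sk′ = (4, 1, 1) both public keys equal 4, the real ciphertext of m = 5 decrypts to 5 under both, while the fake one decrypts to 14 under sk and 19 under sk′, which is the "different secret keys decrypt C to different messages" property the proof exploits.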
![Page 31: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/31.jpg)
LR Public-key Encryption: Subsequent Results
[NS09]: CPA-secure → CCA-secure with the same leakage-resilience (idea: use Naor-Yung)
[AGV09,ADN+10,CDRW10]: leakage-resilient IBE (with leakage from the user secret keys).
[LW10]: leakage-resilient IBE (with leakage from the master secret key as well), LR HIBE, ABE etc.
[BKKV10,DHLW10]: Continual LR Encryption
[LLW10]: Continual LR Enc where the key update phase leaks as well
[HL11]: “After-the-fact” Leakage
![Page 32: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/32.jpg)
Continual Leakage
![Page 33: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/33.jpg)
Continual LR Public-key Encryption
Unbounded leakage, but bounded in each time period
Challenge: keep the public key the same
Solution idea: “refresh” (randomize) the secret key: sk1 → sk2 → …, while the adversary learns L1(sk1), L2(sk2), …
– users (encryptors) are oblivious of the updates!
![Page 34: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/34.jpg)
Continual LR Public-key Encryption
Theorem [BKKV10]: CLR-secure public-key encryption schemes that tolerate (in every time step):
– (1/2 − ε)|SK| leakage, based on decisional linear
– (1 − ε)|SK| leakage, based on symmetric external DH
assumptions in bilinear groups.
![Page 35: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/35.jpg)
Continual LR Public-key Encryption
Other Results:
[BKKV10]: CLR-secure signatures and IBE (with leakage from user secret keys)
Concurrently, [DHLW10]: efficient CLR-secure signatures, ID schemes and AKA schemes
[LLW11]: tolerates large leakage from updates
![Page 36: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/36.jpg)
Continual LR Public-key Encryption
How to update SK? (without changing PK)
First Idea: Resample from the key-space! (sk1 → sk2 → sk3 → sk4, leaking L1(SK1), L2(SK2), L3(SK3), L4(SK4))
PROBLEM: This is supposed to be hard!
![Page 37: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/37.jpg)
New Idea: “Neighborhood of SKs”
• Given a secret key:
– Easy to resample inside neighborhood.
– Hard to find a secret key outside of neighborhood.
• Sampling in neighborhood ≈c entire space. Adv. can’t tell the difference.
• “Proof” outline:
– Reduction knows sk and updates in neighborhood.
– To Adv., updates “look like” from entire space.
– Even given leakage, Adv. cannot recover any leaked key entirely ⇒ will have to come up with new sk′ ≠ sk.
– WHP sk′ not in neighborhood ⇒ breaks hard problem.
![Page 38: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/38.jpg)
Some Open Questions
![Page 39: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/39.jpg)
Foundational Questions
SO FAR: Designed SPECIFIC crypto primitives (sigs., enc.) secure against continual leakage
QUESTION: Any circuit → Continual Leakage-resilient circuit
— Yao/GMW/BGW/CCD for leakage-resilient crypto
— Automatically leakage-proof commonly used cryptosystems, e.g., RSA / AES
![Page 40: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/40.jpg)
Foundational Questions
Many Partial Results
[Ishai-Sahai-Wagner’03]: Any circuit → “Probing-resilient” circuit secure against leakage of ≤ t wires
[FRRTV’09]: Any circuit → circuit secure against AC0 leakage (assuming a small piece of secure hardware)
[JV’10,GR’10]: Any circuit → circuit secure against polynomial-time leakage (assuming a small piece of secure hardware + secure memory)
OPEN: a compiler against general leakage functions (without secure hardware)
[BGIRSVY’00,Imp’10]: This has connections to program obfuscation!
![Page 41: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/41.jpg)
Practical Questions
In theory, we have practical constructions
– How about truly practical constructions? (e.g. [YSPY’10])
– Perhaps relax the model in a meaningful way
Given a side-channel attack, how much information does it leak? [SVO+10] (model vs. reality)
![Page 42: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/42.jpg)
To Conclude…
Very Active Field, Lots of work recently! Information-theoretic (entropy) + Computational Techniques
Tons of Open Problems
— Parallel Repetition for Leakage Amplification [DW,LW]: Suppose scheme S tolerates L bits. Can we “repeat it in parallel” n times and get nL bit leakage-tolerance?
— Tamper Resistance [IPSW, GLMMR, DPW, Malkin et al.]: Many attacks, Boneh-Lipton, Shamir’s bug attacks...
![Page 43: Leakage-Resilient Cryptography](https://reader038.vdocuments.net/reader038/viewer/2022110103/56814333550346895dafa6ed/html5/thumbnails/43.jpg)
Thanks!
Questions?
You can find me here …