Leakage-Resilient Symmetric Cryptography under Empirically Verifiable Assumptions

Standaert, François‐Xavier; Pereira, Olivier; Yu, Yu

doi:10.1007/978-3-642-40041-4_19

Cited by 51 publications

(57 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In this model only actual computations are supposed to leak sensitive information. This captures the usual situation in side-channel attacks, where leakage data only depend on the current state of the target device and some independent randomness [32]. The internal data of the device are divided into two parts, an active and a passive part, the active part being the input data used in the current computation.…”

Section: Introductionmentioning

confidence: 99%

“…Several contemporary works [4,27,32] have put forward ways to redefine the above models and bring them closer to practice, for symmetric cryptography primitives. This comes at the cost of algorithmic-level specialization, providing models that are indeed more realistic, but which apply to a more restrained class of primitives (i.e., pseudorandom generators, block ciphers).…”

Section: Introductionmentioning

confidence: 99%

“…This kind of requirement that may look reasonable for a theoretician used to study cryptographic primitives in the so-called black-box model might seem completely unrealistic to the practitioner. As an example, let us recall the figure gathered in [32], where it is pointed out that the leaking of a block cipher recently reported in [24], consisted of 200,000 traces leading to more than 1.5 Gb of data storage.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Implementation of a leakage-resilient ElGamal key encapsulation mechanism

et al. 2016

View full text Add to dashboard Cite

Leakage-resilient cryptography aims to extend the rigorous guarantees achieved through the provable security paradigm to physical implementations. The constructions designed on basis of this new approach inevitably suffer from an Achilles heel: a bounded leakage assumption is needed. Currently, a huge gap exists between the theory of such designs and their implementation to confirm the leakage resilience in practice. The present work tries to narrow this gap for the leakage-resilient bilinear ElGamal key encapsulation mechanism (BEG-KEM) proposed by Kiltz and Pietrzak in 2010. Our first contribution is a variant of the bounded leakage and the only-computation-leaks model that is closer to practice. We weaken the restriction on the image size of the leakage functions in these models and only A preliminary version of this paper has appeared at PROOFS 2014. insist that the inputs to the leakage functions have sufficient min-entropy left, in spite of the leakage, with no limitation on the quantity of this leakage. We provide a novel security reduction for BEG-KEM in this relaxed leakage model using the generic bilinear group axiom. Secondly, we show that a naive implementation of the exponentiation in BEG-KEM makes it impossible to meet the leakage bound. Instead of trying to find an exponentiation algorithm that meets the leakage axiom (which is a non-trivial problem in practice), we propose an advanced scheme, BEG-KEM+, that avoids exponentiation by a secret value, but rather uses an encoding into the base group due to Fouque and Tibouchi. Thirdly, we present a software implementation of BEG-KEM+ based on the Miracl library and provide detailed experimental results. We also assess its (theoretical) resistance against power analysis attacks from a practical perspective, taking into account the state-of-the-art in side-channel cryptanalysis.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Implementation of a leakage-resilient ElGamal key encapsulation mechanism

et al. 2016

View full text Add to dashboard Cite

show abstract

“…Prominent sources of such physical leakages include the running time of an implementation [17], its power consumption [18] or electromagnetic radiation emitting from it [27]. A large body of recent applied and theoretical research attempts to incorporate the information an adversary obtains from the leakage into the security analysis and develops countermeasures to defeat common side-channel attacks [4,14,21,1,9,32,31]. While there is still a large gap between what theoretical models can achieve and what side-channel information is measured in practice, some recent important works propose models that better go align with the perspective of cryptographic engineering [30,25,31].…”

Section: Introductionmentioning

confidence: 99%

Unifying Leakage Models: From Probing Attacks to Noisy Leakage.

Duc

Dziembowski

Faust

2014

Lecture Notes in Computer Science

147

View full text Add to dashboard Cite

Abstract. A recent trend in cryptography is to formally show the leakage resilience of cryptographic implementations in a given leakage model. One of the most prominent leakage modelsthe so-called bounded leakage model -assumes that the amount of leakage is a-priori bounded. Unfortunately, it has been pointed out that the assumption of bounded leakages is hard to verify in practice. A more realistic assumption is to assume that leakages are sufficiently noisy, following the engineering observation that real-world physical leakages are inherently noisy. While the noisy leakage assumption has first been studied in the seminal work of Chari et al. (CRYPTO 99), the recent work of Prouff and Rivain (Eurocrypt 2013) provides the first analysis of a full masking scheme under a physically motivated noise model. In particular, the authors show that a block-cipher implementation that uses an additive masking scheme is secure against noisy leakages. Unfortunately, the security analysis of Prouff and Rivain has three important shortcomings: (1) it requires leak-free gates, (2) it considers a restricted adversarial model (random message attacks), and (3) the security proof has limited application for cryptographic settings. In this work, we provide an alternative security proof in the same noisy model that overcomes these three challenges. We achieve this goal by a new reduction from noisy leakage to the important theoretical model of probing adversaries (Ishai et al -CRYPTO 2003). Our work can be viewed as a next step of closing the gap between theory and practice in leakage resilient cryptography: while our security proofs heavily rely on concepts of theoretical cryptography, we solve problems in practically motivated leakage models.

show abstract

“…At Crypto'13, Standaert et al [19] proposed a new notion for leakage resilience involving simulators. The intuition behind their proposal is that if an adversary cannot tell the difference between real leakage and simulated leakage (from a simulator that does not know the secret key), then clearly the leakage does not reveal any information about the secret key.…”

Section: Introductionmentioning

confidence: 99%

Simulatable Leakage: Analysis, Pitfalls, and New Constructions

Longo

Martin

Oswald

et al. 2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. In 2013, Standaert et al. proposed the notion of simulatable leakage to connect theoretical leakage resilience with the practice of side channel attacks. Their use of simulators, based on physical devices, to support proofs of leakage resilience allows verification of underlying assumptions: the indistinguishability game, involving real vs. simulated leakage, can be 'played' by an evaluator. Using a concrete, block cipher based leakage resilient PRG and high-level simulator definition (based on concatenating two partial leakage traces), they included detailed reasoning why said simulator (for AES-128) resists state-of-the-art side channel attacks.In this paper, we demonstrate a distinguisher against their simulator and thereby falsify their hypothesis. Our distinguishing technique, which is evaluated using concrete implementations of the Standaert et al. simulator on several platforms, is based on 'tracking' consistency (resp. identifying simulator inconsistencies) in leakage traces by means of crosscorrelation. In attempt to rescue the approach, we propose several alternative simulator definitions based on splitting traces at points of low intrinsic cross-correlation. Unfortunately, these come with significant caveats, and we conclude that the most natural way of producing simulated leakage is by using the underlying construction 'as is' (but with a random key).

show abstract

Leakage-Resilient Symmetric Cryptography under Empirically Verifiable Assumptions

Cited by 51 publications

References 37 publications

Implementation of a leakage-resilient ElGamal key encapsulation mechanism

Implementation of a leakage-resilient ElGamal key encapsulation mechanism

Unifying Leakage Models: From Probing Attacks to Noisy Leakage.

Simulatable Leakage: Analysis, Pitfalls, and New Constructions

Contact Info

Product

Resources

About