Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust...
-
Upload
garey-greer -
Category
Documents
-
view
213 -
download
0
Transcript of Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust...
![Page 1: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/1.jpg)
Protecting Circuits from Leakage
the computationally bounded and noisy cases Sebastian Faust
Eurocrypt 2010, Nice
Joint work with
KU Leuven
Tal RabinLeo ReyzinEran TromerVinod Vaikuntanathan
IBM Research
Boston University
MIT
IBM Research
![Page 2: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/2.jpg)
2
Theory vs. Reality
KX Y
Standard security analysis:
Controls inputs/outputs, e.g. CPA
Computation completely unknown
KX Y
Attacking the implementation:
input
key
output
Adversary obtains leakage
Use physical observations: e.g. power consumption, timing,… Completely break crypto schemes!
implement
![Page 3: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/3.jpg)
3
Countermeasures?
Hot topic:ISW03, MR04, DP08, P09, AGV09, ADW09, KV09, DKL09,… Many more citations in the paper
• We may try to defeat specific attacks, e.g. power analysis, timing attacks,…
• Or we can try to go for a broad class!
Most other work: Security of specific scheme
This work: How to securely implement any scheme?
![Page 4: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/4.jpg)
4
How to extend the standard model?
KModeled by a leakage function fAdversary obtains leakage f(state)
Real-life leakages don’t leak complete key
Power consumption: e.g. f(st) ≈ Hamming weight of wires in circuit
Arbitrary leakage function? No… e.g.: f(st) = K means no security
Some restrictions are necessary
X Y
Probing: f(st) = some bits of state
![Page 5: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/5.jpg)
5
Restrictions: Bounded leakage
Bounded total leakageK
…f(st)
K
f(st)
K
f(st)
e.g. used to model cold boot attacks
Continuous leakage
Amount of leakage << length of key K Bounded per observation, but:
total leakage >> |K|
![Page 6: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/6.jpg)
6
Restrictions: Bounded leakage
Bounded total leakageK
…f(st)
K1
f(st1)
Kn
f(stn)
Bounded per observation, but: total leakage >> |K|
e.g. power analysis
Continuous leakage
requires refreshing of key: K Kie.g. used to model cold boot attacks
Amount of leakage << length of key K
![Page 7: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/7.jpg)
7
Restrictions: Local vs. Global
Local leakage Global leakage
e.g. probing: leakage is oblivious to most of the computation
e.g. power analysis: power consumption
depends on all computation
![Page 8: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/8.jpg)
8
Restrictions: Weak/Noisy vs. PPT (requires bounded leakage)
Weak or Noisy leakageK
f є L = {computationally weak functions}Leakage can be described by “simple” aggregated functionIs this reasonable? Yes! E.g. probing, power consumption…
f(st)weak
![Page 9: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/9.jpg)
9
Weak or Noisy leakageK
f(st)
K
f(st)
f є L = {Noisy functions}:
Leakage is a noisy function of the secret key
Restrictions: Weak/Noisy vs. PPT (requires bounded leakage)
weaknoisy
![Page 10: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/10.jpg)
10
Weak or Noisy leakageK
f(st)
K
f(st)
Powerful!Powerful!
Restrictions: Weak/Noisy vs. PPT (requires bounded leakage)
weaknoisy
![Page 11: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/11.jpg)
11
Weak or Noisy leakageK
f(st)
K
f(st)
Polynomial-time leakageK
f(st)
f є L = {PPT functions} Leakage is arbitrary PPT function
Restrictions: Weak/Noisy vs. PPT (requires bounded leakage)
Powerful!Powerful!
weaknoisy PPT
Probably stronger than leakage in reality
![Page 12: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/12.jpg)
12
Q: Is there computation that can be protected
against global, continuous, but
weak or noisy leakage?
A challenge…
A: Any Computation!If we have a simple leak-free component
Reduce some complex computation to very simple shielded component [MR04]
![Page 13: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/13.jpg)
13
Earlier work: Ishai, Sahai, Wagner ‘03
Main drawback: No proof of security for global functions, e.g. Hamming Weight
Q: Is there computation that can be protected
against global, continuous, but
weak or noisy leakage?
A: Any Computation!
localprobing
![Page 14: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/14.jpg)
14
1.Circuit Compilers
2.Our Result
Rest of this talk…
![Page 15: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/15.jpg)
15
Circuit compiler:
C‘ with K‘ has same functionality as C with K
K
X Y
C
YX
K’
C’
Circuit compilers
Is resistant to continuous leakages from some large function class L (Security Definition by Simulation)
Input: description of arbitrary circuit C and key K
Functionality preserving:
Uses same gates as CTransformed circuit C‘:
+ leak-free gate (later more)
Output: description of transformed circuit C‘ and key K‘
![Page 16: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/16.jpg)
16
Our Result
Theorem 1: A compiler that makes any circuit resilient to computationally weak leakages.
Set of leakage functions L can be large, but they cannot compute a certain linear functionOne example:
AC0 = Const depth and poly size circuits of Λ or V gates.
What does this mean?
L = AC0 L cannot compute linear function parity!
![Page 17: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/17.jpg)
17
Our Result
Theorem 2: A compiler that makes any circuit resilient to noisy leakages.
What does this mean?
Leakages are {wirei + noise ƞi}- ƞi = 0, with probability 1-p
- ƞi = 1, with probability p
Both compilers assume leak-free gates in transformed circuit!
![Page 18: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/18.jpg)
18
Leak-free gates
Leak-free processor: oblivious RAM(1)
Many previous usages in leakage-resilience:
Leak-free memory: “only computation leaks”, one-time programs(2)
Our leak-free gate is: Small & simple: Much smaller than size of Stateless: No secrets are stored
Computation independent: No inputs
For Theorem 1: random t-bit string (b1,…,bt) with parity 0
(1) [G89,GoldOstr95], (2) [MicRey04], [DziPie08], [GoldKalRoth08]
For Theorem 2: above properties, but a bit more complicated
![Page 19: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/19.jpg)
19
Compiler: high-level
C
M
● +
●
● +
C●
MCircuit topology is preserved
1. Memory: Encoded memory
Bit b e.g. “Parity” encoding”:uniform t-bit string (b1…bt) with parity b
![Page 20: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/20.jpg)
20
Compiler: high-level
C
M
● +
●
● +
C●
M
2. Each wire w Wire bundle that carries the encoding of w, e.g. a t-bit string with parity w
![Page 21: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/21.jpg)
21
Two key properties of our encoding
Let (a1,…at) and (b1,…bt) be bit strings with parity 0 and 1 (resp.)
f(a1,…at) or f(b1,…bt)
2. Noise indistinguishable [XOR Lemma]
(a1+ƞ1,+…at+ƞt) or (b1+ƞ1,…bt+ƞt) ??
in AC0in AC0
Flip each bit with prob. p
1. L=AC0 indistinguishable [Has86,DubrovIshai06]
??
![Page 22: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/22.jpg)
22
Compiler: high-level
C
M
● +
●
● +
C●
M
3. Gates Gadgets: built from normal gates and leak-free gates and operate on encodings
Properties of the encoding do not suffice for security!
![Page 23: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/23.jpg)
23
Conclusion
Two circuit compilers ….
global leakages: i.e. leakage can depend on all the computation, all intermediate results,…
continuous leakage: the amount of leakage over time is unbounded
- eliminate leak-free gates
compile any circuit
Open problems:
- For security parameter t: blow-up ≈ t2
![Page 24: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/24.jpg)
24
Thank you!
![Page 25: Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.](https://reader036.fdocuments.us/reader036/viewer/2022062714/56649cfa5503460f949cc3bb/html5/thumbnails/25.jpg)
25
Simulation: Real:
indistinguishable
L-Security: Simulation [ISW03]
Intuition: Adversary learns no more than by input/output access
X1
f1 ∈L
Y1
f1 (wires1)
Simulation:K1
X1Y1
…
K’1
Xn
fn ∈L
Yn
fn (wiresn)
K’n
…
refresh key
Can e.g. be some low complexity function class