Efficient Public-Key Cryptography with Bounded Leakage and Tamper Resilience

Faonio, Antonio; Venturi, Daniele

doi:10.1007/978-3-662-53887-6_32

Cited by 21 publications

(7 citation statements)

References 54 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Other related work on tamper resilient signature schemes include the work of: Faonio and Venturi [FV16] (that presented a generic way to construct bounded tamper resilient signatures in the standard model), Fujisaki and Xagawa [FX16] (who among other things proved impossibility of non-persistent tamper-resilient signatures against arbitrary class of tampering functions, even in the presence of self-destruct and keyupdating mechanisms), Austrin et al [ACM + 17] (who considered p-tampering attacks that tamper with each bit of the random tapes of cryptographic algorithms) and Damgård et al [DFMV17] (who proved the bounded tamper resilience of Σ-protocols against the arbitrary class of tampering functions, considering the faults on the witness and public parameters).…”

Section: Related Workmentioning

confidence: 99%

Security of Hedged Fiat–Shamir Signatures Under Fault Attacks

Aranha

Orlandi

Takahashi

et al. 2020

Advances in Cryptology – EUROCRYPT 2020

View full text Add to dashboard Cite

Deterministic generation of per-signature randomness has been a widely accepted solution to mitigate the catastrophic risk of randomness failure in Fiat-Shamir type signature schemes. However, recent studies have practically demonstrated that such de-randomized schemes, including EdDSA, are vulnerable to differential fault attacks, which enable adversaries to recover the entire secret signing key, by artificially provoking randomness reuse or corrupting computation in other ways. In order to balance concerns of both randomness failures and the threat of fault injection, some signature designs are advocating a "hedged" derivation of the per-signature randomness, by hashing the secret key, message, and a nonce. Despite the growing popularity of the hedged paradigm in practical signature schemes, to the best of our knowledge, there has been no attempt to formally analyze the fault resilience of hedged signatures. We perform a formal security analysis of the fault resilience of signature schemes constructed via the Fiat-Shamir transform. We propose a model to characterize bit-tampering fault attacks, and investigate their impact across different steps of the signing operation. We prove that, for some types of faults, attacks are mitigated by the hedged paradigm, while attacks remain possible for others. As concrete case studies, we then apply our results to XEdDSA, a hedged version of EdDSA used in the Signal messaging protocol, and to Picnic2, a hedged Fiat-Shamir signature scheme in Round 2 of the NIST Post-Quantum standardization process.

show abstract

Section: Related Workmentioning

confidence: 99%

Security of Hedged Fiat–Shamir Signatures Under Fault Attacks

Aranha

Orlandi

Takahashi

et al. 2020

Advances in Cryptology – EUROCRYPT 2020

View full text Add to dashboard Cite

show abstract

“…Security against tampering attacks against the memory can also be obtained without relying on non-malleable codes. See, e.g., [45,25,40,34,26] (and the references therein) for some examples.…”

Section: Further Related Workmentioning

confidence: 99%

Continuously non-malleable codes with split-state refresh

Faonio

Nielsen

Simkin

et al. 2019

Theoretical Computer Science

Self Cite

View full text Add to dashboard Cite

Non-malleable codes for the split-state model allow to encode a message into two parts, such that arbitrary independent tampering on each part, and subsequent decoding of the corresponding modified codeword, yields either the same as the original message, or a completely unrelated value. Continuously non-malleable codes further allow to tolerate an unbounded (polynomial) number of tampering attempts, until a decoding error happens. The drawback is that, after an error happens, the system must self-destruct and stop working, otherwise generic attacks become possible.In this paper we propose a solution to this limitation, by leveraging a split-state refreshing procedure. Namely, whenever a decoding error happens, the two parts of an encoding can be locally refreshed (i.e., without any interaction), which allows to avoid the self-destruct mechanism in some applications. Additionally, the refreshing procedure can be exploited in order to obtain security against continual leakage attacks. We give an abstract framework for building refreshable continuously non-malleable codes in the common reference string model, and provide a concrete instantiation based on the external Diffie-Hellman assumption.Finally, we explore applications in which our notion turns out to be essential. The first application is a signature scheme tolerating an arbitrary polynomial number of split-state tampering attempts, without requiring a self-destruct capability, and in a model where refreshing of the memory happens only after an invalid output is produced. This circumvents an impossibility result from a recent work by Fuijisaki and Xagawa (Asiacrypt 2016). The second application is a compiler for tamper-resilient read-only RAM programs. In comparison to other tamper-resilient RAM compilers, ours has several advantages, among which the fact that, in some cases, it does not rely on the self-destruct feature.Unfortunately, we cannot generalize the above proof strategy to multiple rounds. Indeed, Faust et al. exploit the fact that the leakage-resilient storage scheme remains secure even when the adversary is allowed to obtain one half of the encoding in full. Clearly, after that, the adversary is not allowed to leak further from the other half of the codeword. In our case, we would need to repeat the above trick again and again, in particular after each decoding error (and subsequent refresh of the target encoding) happens; however, once the reduction obtains one half of the codeword it cannot ask leakage queries anymore, so that it is unclear how to complete the proof. We give a solution to this problem by relying on a simple informationtheoretic observation.Let (X 0 , X 1 ) be two random variables, and consider a process that interleaves the computation of a sequence of leakage functions g 1 , g 2 , g 3 , . . . from X 0 and from X 1 . The process continues until, for some index i ∈ N, we have that g i (X 0 ) = g i (X 1 ). We claim that g i (X 0 ) := g 1 (X 0 ), g 2 (X 0 ), · · · , g i−1 (X 0 ) do not reveal more information about X 0 than what ...

show abstract

“…The flavor of non-malleable codes in which there is an a-priory upper bound on the total number of tampering queries, without self-destruct, was originally considered in [9]. This concept has a natural application to the setting of bounded tamper resilience (see, e.g., [15,14,24]).…”

Section: Additional Related Workmentioning

confidence: 99%

Non-Malleable Codes for Space-Bounded Tampering

Faust

Hostáková

Mukherjee

et al. 2017

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Non-malleable codes-introduced by Dziembowski, Pietrzak and Wichs at ICS 2010are key-less coding schemes in which mauling attempts to an encoding of a given message, w.r.t. some class of tampering adversaries, result in a decoded value that is either identical or unrelated to the original message. Such codes are very useful for protecting arbitrary cryptographic primitives against tampering attacks against the memory. Clearly, non-malleability is hopeless if the class of tampering adversaries includes the decoding and encoding algorithm. To circumvent this obstacle, the majority of past research focused on designing non-malleable codes for various tampering classes, albeit assuming that the adversary is unable to decode. Nonetheless, in many concrete settings, this assumption is not realistic. In this paper, we explore one particular such scenario where the class of tampering adversaries naturally includes the decoding (but not the encoding) algorithm. In particular, we consider the class of adversaries that are restricted in terms of memory/space. Our main contributions can be summarized as follows: • We initiate a general study of non-malleable codes resisting space-bounded tampering. In our model, the encoding procedure requires large space, but decoding can be done in small space, and thus can be also performed by the adversary. Unfortunately, in such a setting it is impossible to achieve non-malleability in the standard sense, and we need to aim for slightly weaker security guarantees. In a nutshell, our main notion (dubbed leaky space-bounded non-malleability) ensures that this is the best the adversary can do, in that space-bounded tampering attacks can be simulated given a small amount of leakage on the encoded value.

show abstract

Efficient Public-Key Cryptography with Bounded Leakage and Tamper Resilience

Cited by 21 publications

References 54 publications

Security of Hedged Fiat–Shamir Signatures Under Fault Attacks

Security of Hedged Fiat–Shamir Signatures Under Fault Attacks

Continuously non-malleable codes with split-state refresh

Non-Malleable Codes for Space-Bounded Tampering

Contact Info

Product

Resources

About