Tamper and Leakage Resilience in the Split-State Model

Liu, Feng-Hao; Lysyanskaya, Anna

doi:10.1007/978-3-642-32009-5_30

Cited by 109 publications

(132 citation statements)

References 40 publications

(70 reference statements)

Supporting

Mentioning

130

Contrasting

Order By: Relevance

“…That is, the adversary picks two polynomial-time computable functions T 0 and T 1 and replaces the state (X 0 , X 1 ) with the tampered state (T 0 (X 0 ), T 1 (X 1 )). Similar to the earlier work of Liu and Lysyanskaya [24] our construction assumes a public untamperable CRS. Notice that this is a rather mild assumption as the CRS can be hard-wired into the functionality and is independent of any secret data.…”

Section: Our Contributionmentioning

confidence: 90%

“…As discussed above one main application of non-malleable codes is to protect cryptographic schemes against tampering with the secret key [17,24]. Consider a reactive functionality G with secret state st that can be executed on input m, e.g., G may be the AES with key st encrypting messages m. Using a non-malleable code earlier work showed how to transform the functionality (G, st ) into a functionality (G Code , X) that is secure against tampering with X.…”

Section: Continuous Non-malleable Codesmentioning

confidence: 99%

“…Various recent works study the split-state model for non-malleable codes [24,15,1] (see more details on related work in Section 1.2). In the split-state tampering model, the codeword consists of two halves X 0 and X 1 that are stored on two different parts of the memory.…”

Section: Our Contributionmentioning

confidence: 99%

“…The first construction of (one-shot) split-state non-malleable codes in the standard model was given by Liu and Lysyanskaya [24]. At a high-level the construction encrypts the input x with a leakage resilient encryption scheme and generates a non-interactive zero-knowledge proof of knowledge showing that (a) the public/secret key of the PKE are valid, and (b) the ciphertext is an encryption of x under the public key.…”

Section: Our Contributionmentioning

confidence: 99%

“…In recent years, a growing body of work (see [21,22,17,24,1,2,19] and many more) develop new cryptographic techniques that protect against tampering attacks. Non-malleable codes introduced by Dziembowski, Pietrzak and Wichs [17] are an important approach to achieve this goal.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Continuous Non-malleable Codes

Faust

Mukherjee

Nielsen

et al. 2014

Theory of Cryptography

118

View full text Add to dashboard Cite

Abstract. Non-malleable codes are a natural relaxation of error correcting/detecting codes that have useful applications in the context of tamper resilient cryptography. Informally, a code is non-malleable if an adversary trying to tamper with an encoding of a given message can only leave it unchanged or modify it to the encoding of a completely unrelated value. This paper introduces an extension of the standard non-malleability security notion -so-called continuous non-malleability -where we allow the adversary to tamper continuously with an encoding. This is in contrast to the standard notion of non-malleable codes where the adversary only is allowed to tamper a single time with an encoding. We show how to construct continuous non-malleable codes in the common split-state model where an encoding consist of two parts and the tampering can be arbitrary but has to be independent with both parts. Our main contributions are outlined below:1. We propose a new uniqueness requirement of split-state codes which states that it is computationally hard to find two codewords X = (X0, X1) and X = (X0, X 1 ) such that both codewords are valid, but X0 is the same in both X and X . A simple attack shows that uniqueness is necessary to achieve continuous non-malleability in the split-state model. Moreover, we illustrate that none of the existing constructions satisfies our uniqueness property and hence is not secure in the continuous setting. 2. We construct a split-state code satisfying continuous non-malleability.Our scheme is based on the inner product function, collision-resistant hashing and non-interactive zero-knowledge proofs of knowledge and requires an untamperable common reference string. 3. We apply continuous non-malleable codes to protect arbitrary cryptographic primitives against tampering attacks. Previous applications of non-malleable codes in this setting required to perfectly erase the entire memory after each execution and required the adversary to be restricted in memory. We show that continuous non-malleable codes avoid these restrictions.

show abstract

Section: Our Contributionmentioning

confidence: 90%

Section: Continuous Non-malleable Codesmentioning

confidence: 99%