Leakage-resilient Signatures
Vinod Vaikuntanathan (IBM), Jonathan Katz (IBM & Univ. of Maryland)
Feb 25, 2016
Leakage-resilient Crypto
  A crypto device holds secret memory SM = SK + …; the adversary obtains L(SM) for a leakage function L.
  Two questions about the leakage model:
  1. What leaks?
     - only the secret key, L(SK) [MR’03, DP’08, P’09, AGV’09, …]
     - all of the secret memory, L(SM)
  2. How much?
     - L: any polynomial-size circuit
     - L: a smaller class of circuits [Riv’97, B’99, CDH+’00, ISW’03, FRT’09, RV’09]
Models of Leakage
  What leaks?
  - Computational leakage [MR’03]: “only computation leaks information”
  - Memory leakage [HSH+’08, AGV’09]: “all secret memory leaks”
  How much?
  - Bounded: total leakage < α(|secret|)
  - Continual: leakage in any time period < α(|secret|)

                  | Bounded                              | Continual
  Computational   |                                      | [MR’03, DP’08, P’09, FKPR’09]
  Memory          | [AGV’09, NS’09, ADW’09], This Work   |
Leakage-Resilient Signatures
  GMR-security against bounded α(.)-memory attacks:
    Adv receives PK and L(SK), may query messages m and receive Sign(m), and finally outputs a forgery (m*, σ*).
    For every PPT Adv, if |L(SK)| ≤ α(|SK|), Pr[Adv wins] is negligible.

  Prior work:
                  | Bounded    | Continual
  Computational   |            | [FKPR’09]
  Memory          | [ADW’09]   |
  - [ADW’09]: bounded (1/2-ε)n memory leakage, in the random oracle model
  - [FKPR’09]: continual α(n) comp. leakage, assuming 2^α(n)-hardness
Leakage-Resilient Signatures: Our Results
  Setting: bounded, memory leakage (and more…)
  A new scheme:
  - GMR-secure with (1-ε) fraction leakage, ∀ε>0
  - Assumption: semantically secure encryption + NIZK
  An old scheme (+ tweaks):
  - one-time signature (generally, t-time)
  - ≈ 1/4 fraction leakage
  - Assumption: one-way functions

  Theorem [FKPR’09]: Bounded α(n) leakage (3-time sig) ⇒ Continual α(n)/3 comp. leakage (fully-secure sig).

                  | Bounded    | Continual
  Computational   |            | This Work + [FKPR’09]
  Memory          | This Work  |
Leakage-resilient One-way Functions
  Definition: hard to invert f given L(x), for any L s.t. |L(x)| ≤ α(n).
  Lemma: Any UOWHF is a leakage-resilient OWF.
  “Proof” (for CRHFs):
  - h: {0,1}^n → {0,1}^{n/2} is a CRHF
  - L: {0,1}^n → {0,1}^{n/2-1} is any leakage function
  - x has min-entropy n/2 given h(x)
  - x has min-entropy ≥ 1 given h(x) and L(x)
  - Given h(x) and L(x), an inverter returns x' ≠ x w.p. ≥ 1/2, i.e. a collision for h
Fully-secure Signature
  Assumptions: UOWHF + public-key encryption + simulation-sound NIZK [BFM, Sahai]
  SK: x ∈ {0,1}^n
  PK: (h, h(x), PK_enc, CRS_nizk)
  Sign(m):
  - C = Enc(PK_enc, (x, m))
  - Π = proof in SS-NIZK that “∃x s.t. PK contains h(x) and C is the enc. of (x, m)”
  - Output (C, Π).
Proof of Security
  Setting: Adv gets L(x) and PK = (h, h(x), …), asks for signatures σ = (Enc(x,m), Π) on messages m of its choice, and outputs a forgery (m*, σ*).
  Three ideas:
  1. The signature contains no (computational) information on SK:
     - the NIZK proof Π is simulatable
     - Enc(x,m) ≈_c Enc(0,m)
     so Adv’s view is indistinguishable from one in which σ = (Enc(0,m), Π).
  2. Forgery ⇒ extract a secret key: by simulation-soundness, σ* contains Enc(x*, m*) with h(x*) = h(x), so the reduction obtains x* s.t. h(x*) = h(x).
  3. UOWHF = leakage-resilient OWF. Contradiction.
A Recipe?
  Given a signature scheme s.t.
  1. H∞[SK given Adv’s view] is non-zero,
  2. Forgery ⇒ extract a secret key,
  3. Finding two SKs for a PK is an “attack”,
  we obtain a leakage-resilient signature.
One-time Signature (based on Lamport’78)
  Assumption: OWF f
  SK: x_{i,j} for i = 1..n, j ∈ {0,1}, each uniformly random
  PK: y_{i,j} = f(x_{i,j})
  Sign(m_1 … m_n) = (x_{1,m_1}, x_{2,m_2}, …, x_{n,m_n}); e.g. Sign(01…0) = (x_{1,0}, x_{2,1}, …, x_{n,0})

  Q: Is Lamport leakage-resilient?
  Leakage + Sign(01…0) ⇒ Sign(11…0)! (the two messages differ in a single position, so a few leaked bits of SK suffice)

  Tweak 1: Sign'(m) = Sign(ECC(m)), i.e. sign an error-correcting encoding of m, so that any two messages’ codewords differ in many positions.
  Still insecure: consider f(x) that ignores 99% of x and outputs OWF(1% of x).
  Solution: let f be a leakage-resilient OWF (= UOWHF).

  Final scheme:
  Assumption: UOWHF h (= OWF [NY, R])
  PK: y_{i,j} = h(x_{i,j})
  Sign'(m) = Sign(ECC(m))
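The Lamport scheme with the Sign'(m) = Sign(ECC(m)) tweak, as an added Python example that is not the authors’ code: SHA-256 stands in for the UOWHF h and a 3x repetition code stands in for the ECC (both are assumptions). fresh_preimages_needed quantifies the point of the tweak: how many secret values a signature on a second message would need beyond those a first signature already reveals.

```python
import hashlib
import os

# Added example, not the paper's own code. Assumptions (stand-ins):
#   h   = SHA-256, standing in for the UOWHF h of the slides
#   ECC = a 3x repetition code, standing in for a real error-correcting code
N_BITS = 8   # message length n in bits (toy size)
REP = 3      # repetition factor of the toy ECC; codeword length is N_BITS*REP


def h(x):
    return hashlib.sha256(x).digest()


def ecc(m):
    """Encode an N_BITS-bit integer m as a list of N_BITS*REP codeword bits."""
    bits = [(m >> i) & 1 for i in range(N_BITS)]
    return [b for b in bits for _ in range(REP)]


def keygen():
    """SK: x_{i,j} uniformly random; PK: y_{i,j} = h(x_{i,j})."""
    n = N_BITS * REP
    sk = [[os.urandom(32), os.urandom(32)] for _ in range(n)]
    pk = [[h(x0), h(x1)] for x0, x1 in sk]
    return sk, pk


def sign(sk, m):
    """Sign'(m) = Sign(ECC(m)): release x_{i, c_i} for each codeword bit c_i."""
    return [sk[i][c] for i, c in enumerate(ecc(m))]


def verify(pk, m, sig):
    """Check h(sig_i) == y_{i, c_i} at every position of the codeword of m."""
    code = ecc(m)
    if len(sig) != len(code):
        return False
    return all(h(s) == pk[i][c] for i, (s, c) in enumerate(zip(sig, code)))


def fresh_preimages_needed(m1, m2):
    """Hamming distance between ECC(m1) and ECC(m2): how many secret values a
    signature on m2 needs that a signature on m1 did not already reveal.
    Without the ECC this can be 1; with it, at least REP for any m1 != m2."""
    return sum(a != b for a, b in zip(ecc(m1), ecc(m2)))
```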
An Open Question
                  | Bounded    | Continual
  Computational   |            | This Work + [FKPR’09]
  Memory          | This Work  | ?
  This Work: bounded, memory leakage. + FKPR’09: continual, computational leakage. Best of both worlds (continual, memory leakage)?

Thanks!