Public key encryption resilient to leakage and tampering attacks

Abstract In this work, we investigate how to protect public key encryption from both key-leakage attacks and tampering attacks. First, we formalize the notions of chosen ciphertext (CCA) security against key-leakage and tampering attacks. To this goal, we then introduce the concept of key-homomorphic hash proof systems and present a generic construction of public key encryption based on this new primitive. Our construction, compared with previous works, realizes leakage-resilience and tampering-resilience simultaneously but completely independently, so it can tolerate a larger amount of bounded-memory leakage and be instantiated with more flexibility. Moreover, it allows for an unbounded number of affine-tampering queries, even after the challenge phase. With slight adaptations, our construction also achieves CCA security against subexponentially hard auxiliary-input leakage attacks and a polynomial of affine-tampering attacks. Thus, to the best of our knowledge, we get the first public key encryption scheme secure against both auxiliary-input leakage attacks and tampering attacks.

[1]  Siu-Ming Yiu,et al.  Multi-key leakage-resilient threshold cryptography , 2013, ASIA CCS '13.

[2]  Pratyay Mukherjee,et al.  Continuous Non-malleable Codes , 2014, IACR Cryptol. ePrint Arch..

[3]  Shengli Liu,et al.  Leakage-Resilient Chosen-Ciphertext Secure Public-Key Encryption from Hash Proof System and One-Time Lossy Filter , 2013, IACR Cryptol. ePrint Arch..

[4]  Ivan Damgård,et al.  Bounded Tamper Resilience: How to Go beyond the Algebraic Barrier , 2013, ASIACRYPT.

[5]  Richard J. Lipton,et al.  On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract) , 1997, EUROCRYPT.

[6]  Vinod Vaikuntanathan,et al.  Simultaneous Hardcore Bits and Cryptography against Memory Attacks , 2009, TCC.

[7]  Suela Kodra Fuzzy extractors : How to generate strong keys from biometrics and other noisy data , 2015 .

[8]  Stefan Dziembowski,et al.  Leakage-Resilient Cryptography , 2008, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[9]  Eli Biham,et al.  Differential Fault Analysis of Secret Key Cryptosystems , 1997, CRYPTO.

[10]  Stefan Dziembowski,et al.  Non-Malleable Codes , 2018, ICS.

[11]  Yael Tauman Kalai,et al.  Cryptography with Tamperable and Leaky Memory , 2011, CRYPTO.

[12]  Daniel Wichs,et al.  Tamper Detection and Continuous Non-malleable Codes , 2015, TCC.

[13]  Siu-Ming Yiu,et al.  Identity-Based Encryption Resilient to Continual Auxiliary Leakage , 2012, EUROCRYPT.

[14]  Silvio Micali,et al.  Algorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering , 2004, TCC.

[15]  Siu-Ming Yiu,et al.  Identity-Based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks , 2014, ESORICS.

[16]  David Cash,et al.  Pseudorandom Functions and Permutations Provably Secure against Related-Key Attacks , 2010, CRYPTO.

[17]  Yi Mu,et al.  Functional Encryption Resilient to Hard-to-Invert Leakage , 2015, Comput. J..

[18]  Stefan Dziembowski,et al.  Leakage-Resilient Non-malleable Codes , 2015, TCC.

[19]  Fabrice Benhamouda,et al.  An Algebraic Framework for Pseudorandom Functions and Applications to Related-Key Security , 2015, CRYPTO.

[20]  Yevgeniy Dodis,et al.  Efficient Public-Key Cryptography in the Presence of Key Leakage , 2010, ASIACRYPT.

[21]  Moni Naor,et al.  Public-Key Cryptosystems Resilient to Key Leakage , 2009, SIAM J. Comput..

[22]  Rafail Ostrovsky,et al.  Circular-Secure Encryption from Decision Diffie-Hellman , 2008, CRYPTO.

[23]  Francis Olivier,et al.  Electromagnetic Analysis: Concrete Results , 2001, CHES.

[24]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[25]  Dawu Gu,et al.  Efficient Leakage-Resilient Identity-Based Encryption with CCA Security , 2013, Pairing.

[26]  Yael Tauman Kalai,et al.  Public-Key Encryption Schemes with Auxiliary Inputs , 2010, TCC.

[27]  Ronald Cramer,et al.  Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption , 2001, EUROCRYPT.

[28]  Moni Naor,et al.  Public-Key Encryption in the Bounded-Retrieval Model , 2010, EUROCRYPT.

[29]  David Cash,et al.  Cryptography Secure Against Related-Key Attacks and Tampering , 2011, IACR Cryptol. ePrint Arch..

[30]  Daniel Wichs,et al.  Efficient Non-Malleable Codes and Key Derivation for Poly-Size Tampering Circuits , 2014, IEEE Transactions on Information Theory.

[31]  Dawu Gu,et al.  Efficient chosen ciphertext secure identity-based encryption against key leakage attacks , 2016, Secur. Commun. Networks.

[32]  Silvio Micali,et al.  Physically Observable Cryptography (Extended Abstract) , 2004, TCC.

[33]  Kenneth G. Paterson,et al.  RKA Security beyond the Linear Barrier: IBE, Encryption and Signatures , 2012, IACR Cryptol. ePrint Arch..

[34]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[35]  Shengli Liu,et al.  Leakage-Flexible CCA-secure Public-Key Encryption: Simple Construction and Free of Pairing , 2014, Public Key Cryptography.

[36]  Dawu Gu,et al.  Fully Secure Wicked Identity-Based Encryption Against Key Leakage Attacks , 2015, Comput. J..

[37]  Hoeteck Wee,et al.  KDM-Security via Homomorphic Smooth Projective Hashing , 2016, Public Key Cryptography.

[38]  Ariel J. Feldman,et al.  Lest we remember: cold-boot attacks on encryption keys , 2008, CACM.

[39]  Zvika Brakerski,et al.  Circular and Leakage Resilient Public-Key Encryption Under Subgroup Indistinguishability (or: Quadratic Residuosity Strikes Back) , 2010, IACR Cryptol. ePrint Arch..

[40]  Mihir Bellare,et al.  A Theoretical Treatment of Related-Key Attacks: RKA-PRPs, RKA-PRFs, and Applications , 2003, EUROCRYPT.

[41]  Tsz Hon Yuen,et al.  Continuous Non-malleable Key Derivation and Its Application to Related-Key Security , 2015, Public Key Cryptography.

[42]  Feng-Hao Liu,et al.  Tamper and Leakage Resilience in the Split-State Model , 2012, IACR Cryptol. ePrint Arch..

[43]  Yael Tauman Kalai,et al.  On cryptography with auxiliary input , 2009, STOC '09.