Information and Communications Security

Algebraic side-channel attacks are a type of side-channel analysis that can recover secret information from a small number of samples (e.g., power traces). However, this type of analysis is sensitive to measurement errors, which can cause the attack to fail. In this paper, we propose a new method of algebraic side-channel attacks that treats noisy leakages as integers restricted to intervals and recovers the secret information with the help of a constraint programming compiler named BEE. To demonstrate the efficiency of this new method, we analyze some popular implementations of the block ciphers PRESENT, AES, and SIMON under the Hamming weight or Hamming distance leakage model. For AES, our method requires the fewest leakages compared with existing works under the same error model. For PRESENT and SIMON, we provide the first analytical results under algebraic side-channel attacks in the presence of errors. To further demonstrate the wide applicability of the new method, we also extend it to cold boot attacks; in cold boot attacks against AES, our method increases the success rate by over 25% compared with previous works.
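The core modelling idea of the abstract, noisy leakages treated as integers restricted to intervals, can be illustrated on a single 4-bit S-box nibble. The following Python is an added example written for this page; it is not code from the paper and it replaces the paper's BEE constraint solver with an exhaustive filter over the 16 possible key nibbles, which is enough to show the effect. Only the public PRESENT S-box is taken from the cipher specification; the secret nibble, the plaintext nibbles and the readings (one of which carries a +1 measurement error) are constructed here. It shows why an exact-match leakage model fails under a single error while an interval model keeps the true value and needs more observations to narrow the candidate set, which is the trade-off an evaluator assessing leakage resistance wants to quantify.

```python
"""Interval-constrained leakage filtering on one PRESENT S-box nibble (added example)."""

# Public PRESENT 4-bit S-box, as in the cipher specification.
PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]


def hamming_weight(x: int) -> int:
    """Number of set bits: the quantity the Hamming weight leakage model exposes."""
    return bin(x).count("1")


def predicted_leak(key_nibble: int, pt_nibble: int) -> int:
    """Noise-free Hamming weight of the S-box output for one key/plaintext pair."""
    return hamming_weight(PRESENT_SBOX[key_nibble ^ pt_nibble])


def consistent_keys(observations, tolerance: int):
    """Key nibbles whose predicted leak lies within [measured - tolerance, measured + tolerance]
    for every observation. tolerance=0 is the exact-match (error-free) model; tolerance>0
    is the interval model. Exhaustive search stands in for the paper's constraint solver."""
    candidates = set(range(16))
    for pt_nibble, measured in observations:
        lo, hi = measured - tolerance, measured + tolerance
        candidates = {k for k in candidates if lo <= predicted_leak(k, pt_nibble) <= hi}
    return candidates


def simulate_observations(key_nibble, pt_nibbles, error_positions, delta=1):
    """Construct noise-free readings and inject a bounded error (+delta) at the given indices.
    This is a constructed stand-in for real measurements, not a trace model."""
    obs = []
    for i, p in enumerate(pt_nibbles):
        err = delta if i in error_positions else 0
        obs.append((p, predicted_leak(key_nibble, p) + err))
    return obs


# Constructed scenario: secret nibble 0x9, plaintext nibbles 0..7,
# and a +1 measurement error on the second reading (true value is 2).
SECRET_NIBBLE = 0x9
NOISY_OBSERVATIONS = [(0, 3), (1, 3), (2, 1), (3, 4), (4, 3), (5, 1), (6, 1), (7, 1)]


if __name__ == "__main__":
    for tol in (0, 1):
        for n in (3, 5, 8):
            cands = consistent_keys(NOISY_OBSERVATIONS[:n], tol)
            status = "true key kept" if SECRET_NIBBLE in cands else "TRUE KEY LOST"
            print(f"tolerance={tol} observations={n}: {len(cands):2d} candidates ({status})")
```

With tolerance 0 the single erroneous reading makes the candidate set empty, i.e. the exact-match model contradicts itself and the analysis fails; with tolerance 1 the true nibble survives, and the set shrinks from six candidates after three readings to exactly one after eight. The interval width is the knob the paper's error model turns: a wider interval tolerates larger errors but costs more leakages to reach a unique solution.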
