Physically Observable Cryptography (Extended Abstract)

Complexity-theoretic cryptography considers only abstract notions of computation, and hence cannot protect against attacks that exploit the information leakage (via electromagnetic fields, power consumption, etc.) inherent in the physical execution of any cryptographic algorithm. Such "physical observation attacks" bypass the impressive barrier of mathematical security erected so far, and successfully break mathematically impregnable systems. The great practicality and the inherent availability of physical attacks threaten the very relevance of complexity-theoretic security.

To respond to the present crisis, we put forward physically observable cryptography: a powerful, comprehensive, and precise model for defining and delivering cryptographic security against an adversary that has access to information leaked from the physical execution of cryptographic algorithms. Our general model allows for a variety of adversaries. In this paper, however, we focus on the strongest possible adversary, so as to capture what is cryptographically possible in the worst possible, physically observable setting. In particular, we

- consider an adversary that has full (and indeed adaptive) access to any leaked information;
- show that some of the basic theorems and intuitions of traditional cryptography no longer hold in a physically observable setting; and
- construct pseudorandom generators that are provably secure against all physical-observation attacks.
