Efficient Leakage Resilient Circuit Compilers

In this paper, we revisit the problem of constructing general leakage resilient compilers that can transform any (Boolean) circuit \(C\) into a protected circuit \(C'\) computing the same functionality as \(C\), which additionally is resilient to certain classes of leakage functions. An important problem that has been neglected in most works on leakage resilient circuits is to minimize the overhead induced by the compiler. In particular, in earlier works for a circuit \(C\) of size \(s\), the transformed circuit \(C'\) has size at least \(\mathcal {O}(sk^2)\), where \(k\) is the security parameter. In this work, using techniques from secure Multi-Party Computation, we show that in important leakage models such as bounded independent leakage and leakage from weak complexity classes the size of the transformed circuit can be reduced to \(\mathcal {O}(sk)\).

[1]  Yi Liu,et al.  An improved protocol for optimistic multi-party fair exchange , 2011, Proceedings of 2011 International Conference on Electronic & Mechanical Engineering and Information Technology.

[2]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[3]  Emmanuel Prouff,et al.  Higher-Order Glitches Free Implementation of the AES Using Secure Multi-party Computation Protocols , 2011, CHES.

[4]  Thomas Jensen,et al.  Smart Card Programming and Security , 2001, Lecture Notes in Computer Science.

[5]  Jean-Jacques Quisquater,et al.  ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards , 2001, E-smart.

[6]  Paul C. Kocher,et al.  Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems , 1996, CRYPTO.

[7]  François-Xavier Standaert,et al.  Masking vs. multiparty computation: how large is the gap for AES? , 2013, Journal of Cryptographic Engineering.

[8]  Silvio Micali,et al.  Physically Observable Cryptography (Extended Abstract) , 2004, TCC.

[9]  Phong Q. Nguyen,et al.  Advances in Cryptology – EUROCRYPT 2013 , 2013, Lecture Notes in Computer Science.

[10]  Ran Canetti,et al.  Advances in Cryptology – CRYPTO 2012 , 2012, Lecture Notes in Computer Science.

[11]  Iddo Bentov,et al.  How to Use Bitcoin to Design Fair Protocols , 2014, CRYPTO.

[12]  John P. Steinberger,et al.  The preimage security of double-block-length compression functions , 2011, IACR Cryptol. ePrint Arch..

[13]  Eric Miles,et al.  Shielding circuits with groups , 2013, STOC '13.

[14]  Naomi Benger,et al.  "Ooh Aah... Just a Little Bit" : A Small Amount of Side Channel Can Go a Long Way , 2014, CHES.

[15]  Guy N. Rothblum,et al.  How to Compute under ${\cal{AC}}^{\sf0}$ Leakage without Secure Hardware , 2012, CRYPTO.

[16]  Emmanuela Orsini,et al.  Dishonest Majority Multi-Party Computation for Binary Circuits , 2014, IACR Cryptol. ePrint Arch..

[17]  Emmanuel Prouff,et al.  Masking against Side-Channel Attacks: A Formal Security Proof , 2013, EUROCRYPT.

[18]  Elisabeth Oswald,et al.  Advances in Cryptology – EUROCRYPT 2014 , 2014, Lecture Notes in Computer Science.

[19]  Stefan Dziembowski,et al.  Leakage-Resilient Circuits without Computational Assumptions , 2012, TCC.

[20]  Michael Waidner,et al.  Round-Optimal and Abuse Free Optimistic Multi-party Contract Signing , 2000, ICALP.

[21]  Robert H. Deng,et al.  Multi-party fair exchange with an off-line trusted neutral party , 1999, Proceedings. Tenth International Workshop on Database and Expert Systems Applications. DEXA 99.

[22]  Stefan Dziembowski,et al.  Leakage-Resilient Cryptography , 2008, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[23]  Stefan Mangard,et al.  Cryptographic Hardware and Embedded Systems, CHES 2010, 12th International Workshop, Santa Barbara, CA, USA, August 17-20, 2010. Proceedings , 2010, CHES.

[24]  Yevgeniy Vahlis,et al.  On Protecting Cryptographic Keys Against Continual Leakage , 2010, IACR Cryptol. ePrint Arch..

[25]  Yuval Ishai,et al.  Perfectly Secure Multiparty Computation and the Computational Overhead of Cryptography , 2010, IACR Cryptol. ePrint Arch..

[26]  Tal Rabin Advances in Cryptology - CRYPTO 2010, 30th Annual Cryptology Conference, Santa Barbara, CA, USA, August 15-19, 2010. Proceedings , 2010, CRYPTO.

[27]  Vinod Vaikuntanathan,et al.  Protecting Circuits from Leakage: the Computationally-Bounded and Noisy Cases , 2010, EUROCRYPT.

[28]  Daniel Genkin,et al.  Get your hands off my laptop: physical side-channel key-extraction attacks on PCs , 2014, Journal of Cryptographic Engineering.

[29]  Emmanuel Prouff,et al.  Provably Secure Higher-Order Masking of AES , 2010, IACR Cryptol. ePrint Arch..

[30]  Guy N. Rothblum,et al.  Securing Computation against Continuous Leakage , 2010, CRYPTO.

[31]  Neal Koblitz,et al.  Advances in Cryptology — CRYPTO ’96 , 2001, Lecture Notes in Computer Science.

[32]  Yuval Ishai,et al.  Private Circuits: Securing Hardware against Probing Attacks , 2003, CRYPTO.

[33]  Gilles Zémor,et al.  High-order Masking by Using Coding Theory and Its Application to AES , 2013, IMACC.

[34]  N. Asokan,et al.  Optimistic protocols for fair exchange , 1997, CCS '97.

[35]  Colin Boyd,et al.  Cryptography and Coding , 1995, Lecture Notes in Computer Science.

[36]  Pankaj Rohatgi,et al.  Towards Sound Approaches to Counteract Power-Analysis Attacks , 1999, CRYPTO.

[37]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[38]  Stefan Dziembowski,et al.  Leakage-Resilient Cryptography From the Inner-Product Extractor , 2011, IACR Cryptol. ePrint Arch..

[39]  Elisabeth Oswald,et al.  Profiling DPA: Efficacy and Efficiency Trade-Offs , 2013, CHES.

[40]  Shlomo Shamai,et al.  Information Theoretic Security , 2009, Found. Trends Commun. Inf. Theory.

[41]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[42]  Stefan Dziembowski,et al.  Leakage-Resilient Storage , 2010, SCN.

[43]  Ivan Damgård,et al.  On the Amortized Complexity of Zero Knowledge Protocols for Multiplicative Relations , 2012, ICITS.

[44]  Arnold Schönhage,et al.  Schnelle Multiplikation von Polynomen über Körpern der Charakteristik 2 , 1977, Acta Informatica.

[45]  Marcin Andrychowicz,et al.  Secure Multiparty Computations on Bitcoin , 2014, IEEE Symposium on Security and Privacy.

[46]  Yehuda Lindell,et al.  More Efficient Constant-Round Multi-Party Computation from BMR and SHE , 2016, IACR Cryptol. ePrint Arch..

[47]  Dan Boneh,et al.  Advances in Cryptology - CRYPTO 2003 , 2003, Lecture Notes in Computer Science.

[48]  Henri Gilbert,et al.  Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco / French Riviera, May 30 - June 3, 2010. Proceedings , 2010, EUROCRYPT.

[49]  Adi Shamir,et al.  RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis , 2014, CRYPTO.

[50]  Matthew K. Franklin,et al.  Communication complexity of secure computation (extended abstract) , 1992, STOC '92.

[51]  Guy N. Rothblum,et al.  How to Compute in the Presence of Leakage , 2012, 2012 IEEE 53rd Annual Symposium on Foundations of Computer Science.

[52]  Tsuyoshi Takagi,et al.  Cryptographic Hardware and Embedded Systems - CHES 2011 - 13th International Workshop, Nara, Japan, September 28 - October 1, 2011. Proceedings , 2011, CHES.