Information Theoretic Security for Shannon Cipher System under Side-Channel Attacks

In this paper, we propose a new theoretical security model for Shannon cipher systems under side-channel attacks, where the adversary is not only allowed to collect ciphertexts by eavesdropping on the public communication channel but is also allowed to collect the physical information leaked by the devices on which the cipher system is implemented, such as running time, power consumption, electromagnetic radiation, etc. Our model is very robust in that it does not depend on the kind of physical information leaked by the devices. We also prove that in the case of one-time pad encryption, we can strengthen the secrecy/security of the cipher system by using an appropriate affine encoder. More precisely, we prove that for any distribution of the secret keys and any measurement device used for collecting the physical information, we can derive an achievable rate region for reliability and security such that if we compress the ciphertext using an affine encoder with a rate within the achievable rate region, then: (1) anyone with a secret key will be able to decrypt and decode the ciphertext correctly, but (2) any adversary who obtains the ciphertext and also the side physical information will not be able to obtain any information about the hidden source, as long as the leaked physical information is encoded with a rate within the rate region. We derive our result by adapting the framework of the one helper source coding problem posed and investigated by Ahlswede and Körner (1975) and Wyner (1975). For reliability and security, we obtain our result by combining the result of Csiszár (1982) on universal coding for a single source using linear codes and the exponential strong converse theorem of Oohama (2015) for the one helper source coding problem.
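The following Python script is an added worked example, not code from the paper or its authors, that instantiates the ingredients of the abstract at toy scale so that every quantity can be computed exactly by enumeration. All concrete choices are assumptions made for the example: the block length is n = 7, the linear part of the affine encoder is the parity-check matrix of the [7,4] Hamming code (a syndrome map from 7 bits to 3 bits, with a public constant offset b), the hidden source X is i.i.d. Bernoulli(q), the one-time pad key K is uniform, and the "measurement device" is modelled as the key observed through a binary symmetric channel with crossover probability p. The script shows (1) that the legitimate receiver, holding K, strips the key from the compressed ciphertext because the encoder is affine and then maximum-likelihood decodes the source word, with its exact decoding error probability, and (2) the adversary's exact mutual information I(X; C, Z) between the source and the pair (compressed ciphertext, side-channel observation), compared against the same quantity for the raw one-time pad output.

```python
"""Toy Shannon cipher system: one-time pad followed by an affine (syndrome) encoder.

Constructed example with assumed parameters (Hamming [7,4] parity checks as the
linear part of the encoder, Bernoulli(q) source, BSC(p) side channel on the key).
Nothing here is taken from the paper; it only illustrates the mechanics.
"""
from math import log2

N_BITS = 7                                   # block length n
WORDS = range(1 << N_BITS)                   # all 7-bit vectors as integers
A_ROWS = (0b1010101, 0b0110011, 0b0001111)   # rows of A: Hamming parity checks (assumed)
OFFSET = 0b101                               # affine offset b, a public constant (assumed)
POP = [bin(v).count("1") for v in WORDS]     # Hamming-weight lookup table


def syndrome(v):
    """Linear map A: GF(2)^7 -> GF(2)^3; output bit i is <row_i, v> mod 2."""
    s = 0
    for i, row in enumerate(A_ROWS):
        s |= (POP[row & v] & 1) << i
    return s


def affine_encode(v):
    """phi(v) = A v + b: the compressing affine encoder applied to a ciphertext."""
    return syndrome(v) ^ OFFSET


# Coset leaders: for each syndrome, the minimum-weight word producing it.
# For a sparse Bernoulli source that is the maximum-likelihood source word.
COSET_LEADER = {}
for v in WORDS:
    s = syndrome(v)
    if s not in COSET_LEADER or POP[v] < POP[COSET_LEADER[s]]:
        COSET_LEADER[s] = v


def legitimate_decode(c, k):
    """Receiver holding k: phi(x ^ k) ^ b ^ A k = A x because phi is affine,
    so it recovers the syndrome of the source word and ML-decodes it."""
    return COSET_LEADER[c ^ OFFSET ^ syndrome(k)]


def source_prob(x, q):
    """X is i.i.d. Bernoulli(q) over 7 bits (0 < q < 1)."""
    return q ** POP[x] * (1 - q) ** (N_BITS - POP[x])


def decoding_error_probability(q):
    """Exact P(decoded word != X): decoding fails iff X is not a coset leader."""
    leaders = set(COSET_LEADER.values())
    return 1.0 - sum(source_prob(x, q) for x in leaders)


def mutual_information(q, p, compress=True):
    """Exact I(X; C, Z) in bits for X ~ Bern(q)^7, K uniform, Z = K through BSC(p),
    C = phi(x ^ k) if compress else the raw one-time pad output x ^ k (0 < p < 1)."""
    pk = 1.0 / (1 << N_BITS)
    leak = [p ** d * (1 - p) ** (N_BITS - d) for d in range(N_BITS + 1)]  # P(z|k) by distance
    enc = [affine_encode(v) if compress else v for v in WORDS]
    px = {x: source_prob(x, q) for x in WORDS}
    p_obs = {}            # P(c, z), keyed by (c << 7) | z
    h_obs_given_x = 0.0   # accumulates H(C, Z | X)
    for x in WORDS:
        cond = {}         # P(c, z | X = x)
        for k in WORDS:
            c_shift = enc[x ^ k] << N_BITS
            for z in WORDS:
                key = c_shift | z
                cond[key] = cond.get(key, 0.0) + pk * leak[POP[z ^ k]]
        for key, pr in cond.items():
            p_obs[key] = p_obs.get(key, 0.0) + px[x] * pr
            h_obs_given_x -= px[x] * pr * log2(pr)
    h_obs = -sum(pr * log2(pr) for pr in p_obs.values())
    return h_obs - h_obs_given_x           # I(X; C, Z) = H(C, Z) - H(C, Z | X)


if __name__ == "__main__":
    x, k = 0b0000100, 0b1011001              # constructed sample source word and key
    c = affine_encode(x ^ k)
    print(f"x={x:07b} k={k:07b} compressed ciphertext={c:03b} decoded={legitimate_decode(c, k):07b}")
    print(f"P(decoding error) at q=0.05: {decoding_error_probability(0.05):.4f}")
    for p in (0.5, 0.1):
        print(f"BSC({p}) side channel: I(X;C,Z) compressed={mutual_information(0.05, p):.4f} bits, "
              f"raw pad output={mutual_information(0.05, p, compress=False):.4f} bits")
```

With p = 0.5 the side channel carries nothing about the key and the compressed ciphertext is independent of the source, so the leakage is exactly zero; with p = 0.1 the compressed ciphertext leaks strictly less than the raw pad output, which is the data-processing consequence of applying the affine encoder. A block length of 7 cannot exhibit the asymptotic rate-region statement of the abstract; the script only makes the two mechanisms (key stripping at the receiver, leakage accounting at the adversary) concrete.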

[1] Jean-Sébastien Coron, et al. Statistics and secret leakage, 2000, TECS.

[2] Shun Watanabe, et al. Privacy amplification theorem for bounded storage eavesdropper, 2012, 2012 IEEE Information Theory Workshop.

[3] Moti Yung, et al. A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks (extended version), 2009, IACR Cryptol. ePrint Arch.

[4] Bagus Santoso, et al. Information Theoretical Analysis of Side-Channel Attacks to the Shannon Cipher System, 2018, 2018 IEEE International Symposium on Information Theory (ISIT).

[5] Paul C. Kocher, et al. Differential Power Analysis, 1999, CRYPTO.

[6] Te Sun Han, et al. Universal coding for the Slepian-Wolf data compression system and the strong converse theorem, 1994, IEEE Trans. Inf. Theory.

[7] Bagus Santoso, et al. Privacy amplification of distributed encrypted sources with correlated keys, 2017, 2017 IEEE International Symposium on Information Theory (ISIT).

[8] Imre Csiszár. Linear codes for sources and source networks: Error exponents, universal coding, 1982, IEEE Trans. Inf. Theory.

[9] Silvio Micali, et al. Physically Observable Cryptography (Extended Abstract), 2004, TCC.

[10] Michael Backes, et al. Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks, 2008, ESORICS.

[11] Bagus Santoso, et al. Information Theoretic Security for Side-Channel Attacks to the Shannon Cipher System, 2018, ArXiv.

[12] Christophe Clavier, et al. Correlation Power Analysis with a Leakage Model, 2004, CHES.

[13] Yasutada Oohama, et al. Exponential Strong Converse for Source Coding with Side Information at the Decoder, 2018, Entropy.

[14] Rudolf Ahlswede, et al. Source coding with side information and a converse for degraded broadcast channels, 1975, IEEE Trans. Inf. Theory.

[15] Aaron D. Wyner, et al. On source coding with side information at the decoder, 1975, IEEE Trans. Inf. Theory.

[16] Yasutada Oohama. Strong converse theorems for degraded broadcast channels with feedback, 2015, 2015 IEEE International Symposium on Information Theory (ISIT).

[17] Yasutada Oohama. Exponent function for one helper source coding problem at rates outside the rate region, 2015, 2015 IEEE International Symposium on Information Theory (ISIT).

[18] Paul C. Kocher, et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems, 1996, CRYPTO.

[19] Dakshi Agrawal, et al. The EM Side-Channel(s), 2002, CHES.

[20] Imre Csiszár, et al. Information Theory - Coding Theorems for Discrete Memoryless Systems, Second Edition, 2011.

[21] Imre Csiszár, et al. Information Theory: A packing lemma and the error exponent in channel coding, 2011.

[22] Jean-Jacques Quisquater, et al. ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards, 2001, E-smart.

[23] Yasutada Oohama. New Strong Converse for Asymmetric Broadcast Channels, 2016, ArXiv.

[24] David A. Basin, et al. An information-theoretic model for adaptive side-channel attacks, 2007, CCS '07.

[25] Masahito Hayashi, et al. Exponential Decreasing Rate of Leaked Information in Universal Random Privacy Amplification, 2009, IEEE Transactions on Information Theory.

[26] Yasutada Oohama. Intrinsic Randomness Problem in the Framework of Slepian-Wolf Separate Coding System, 2007, IEICE Trans. Fundam. Electron. Commun. Comput. Sci.

[27] Aaron D. Wyner, et al. The common information of two dependent random variables, 1975, IEEE Trans. Inf. Theory.

[28] Yasutada Oohama. Strong converse exponent for degraded broadcast channels at rates outside the capacity region, 2015, 2015 IEEE International Symposium on Information Theory (ISIT).