Tamper Resilient Circuits: The Adversary at the Gates

We initiate the investigation of gate-tampering attacks against cryptographic circuits. Our model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper-resilient gates in the known constructions that are shown to be resilient against wire-tampering adversaries. We prove that gate-tampering is strictly stronger than wire-tampering. On the one hand, we show that there is a gate-tampering strategy that perfectly simulates any given wire-tampering strategy. On the other hand, we construct families of circuits over which it is impossible for any wire-tampering attacker to simulate a certain gate-tampering attack (which we explicitly construct). We also provide a tamper-resilience impossibility result that applies to both gate- and wire-tampering adversaries and relates the amount of tampering to the depth of the circuit. Finally, we show that defending against gate-tampering attacks is feasible by appropriately abstracting and analyzing the circuit compiler of Ishai et al. [18] in a manner that may be of independent interest. Specifically, we first introduce a class of compilers that, assuming certain well-defined tamper-resilience characteristics against a specific class of attackers, can be shown to produce tamper-resilient circuits against that same class of attackers. Then, we describe a compiler in this class for which we prove that it possesses the necessary tamper-resilience characteristics against gate-tampering attackers.
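The first direction of the separation claimed above (every wire-tampering strategy has a gate-tampering strategy that simulates it) can be checked exhaustively on a toy circuit; the code below is an added illustration, not the paper's own construction or proof. It assumes the common wire-tampering model in which each wire is left alone, set to 0, set to 1 or toggled, and a gate-tampering model in which a gate's Boolean function may be replaced by any function of the same arity; the three-input circuit `(a AND b) XOR c` is a constructed sample. The converse, a gate-tampering attack that no wire-tampering attacker can simulate, is what the paper constructs and is not shown here.

```python
from itertools import product

# Constructed toy circuit: wires are named by the input or gate that drives them.
INPUTS = ["a", "b", "c"]
GATES = {                       # gate name -> (Boolean function, input wires)
    "t":   (lambda x, y: x & y, ["a", "b"]),
    "out": (lambda x, y: x ^ y, ["t", "c"]),
}
ORDER = ["t", "out"]            # topological order
OUTPUT = "out"

# Assumed wire-tampering model: keep / set-to-0 / set-to-1 / toggle per wire.
WIRE_TAMPER = {"keep": lambda v: v, "set0": lambda v: 0,
               "set1": lambda v: 1, "toggle": lambda v: 1 - v}
KEEP = WIRE_TAMPER["keep"]

def evaluate(gates, order, assignment, wire_tamper=None):
    """Evaluate the circuit; wire_tamper maps a wire name to the tamper
    function applied to the value that wire carries (inputs included)."""
    wt = wire_tamper or {}
    vals = {w: wt.get(w, KEEP)(v) for w, v in assignment.items()}
    for g in order:
        fn, ins = gates[g]
        vals[g] = wt.get(g, KEEP)(fn(*(vals[i] for i in ins)))
    return vals[OUTPUT]

def _compose(fn, pre, post):
    # New gate function: tamper each argument (pre), compute, tamper result (post).
    return lambda *args: post(fn(*(p(a) for p, a in zip(pre, args))))

def simulate_by_gates(gates, wire_tamper):
    """Derive a gate-tampering strategy that simulates wire_tamper: a wire driven
    by gate g is handled by post-composing g (covers every reader of the wire and
    the output); a wire driven by a circuit input is handled by pre-composing the
    corresponding argument of every gate that reads it."""
    new = {}
    for g, (fn, ins) in gates.items():
        post = wire_tamper.get(g, KEEP)
        pre = [wire_tamper.get(i, KEEP) if i in INPUTS else KEEP for i in ins]
        new[g] = (_compose(fn, pre, post), ins)
    return new

def check_simulation(gates, order, wire_tamper):
    """True iff the derived gate-tampered circuit agrees with the wire-tampered
    circuit on every input assignment."""
    simulated = simulate_by_gates(gates, wire_tamper)
    return all(evaluate(gates, order, dict(zip(INPUTS, bits)), wire_tamper)
               == evaluate(simulated, order, dict(zip(INPUTS, bits)))
               for bits in product((0, 1), repeat=len(INPUTS)))

def check_all_strategies(gates, order):
    """Exhaustively check every per-wire tampering strategy on the toy circuit."""
    wires = INPUTS + list(gates)
    return all(check_simulation(gates, order,
                                {w: WIRE_TAMPER[c] for w, c in zip(wires, choice)})
               for choice in product(WIRE_TAMPER, repeat=len(wires)))
```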

[1] Richard J. Lipton et al. On the Importance of Checking Cryptographic Protocols for Faults (Extended Abstract). EUROCRYPT, 1997.

[2] Markus G. Kuhn et al. Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations. Information Hiding, 1998.

[3] Ross J. Anderson et al. Optical Fault Induction Attacks. CHES, 2002.

[4] Amit Sahai et al. On the (im)possibility of obfuscating programs. JACM, 2001.

[5] Jean-Jacques Quisquater et al. ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards. E-smart, 2001.

[6] Silvio Micali et al. Physically Observable Cryptography (Extended Abstract). TCC, 2004.

[7] Daniele Venturi et al. Tamper-Proof Circuits: How to Trade Leakage for Tamper-Resilience. ICALP, 2011.

[8] Yuval Ishai et al. Private Circuits: Securing Hardware against Probing Attacks. CRYPTO, 2003.

[9] Nicholas Pippenger et al. On networks of noisy gates. 26th Annual Symposium on Foundations of Computer Science (SFCS), 1985.

[10] Stefan Dziembowski et al. Non-Malleable Codes. ICS, 2018.

[11] Bruce Schneier et al. Side channel cryptanalysis of product ciphers. 2000.

[12] Eli Ben-Sasson et al. Robust PCPs of Proximity, Shorter PCPs, and Applications to Coding. SIAM J. Comput., 2004.

[13] Francis Olivier et al. Electromagnetic Analysis: Concrete Results. CHES, 2001.

[14] Yuval Ishai et al. Private Circuits II: Keeping Secrets in Tamperable Circuits. EUROCRYPT, 2006.

[15] Andrew W. Appel et al. Using memory errors to attack a virtual machine. IEEE Symposium on Security and Privacy, 2003.

[16] Pankaj Rohatgi et al. EMpowering Side-Channel Attacks. IACR Cryptol. ePrint Arch., 2001.

[17] Jonathan Katz et al. Introduction to Modern Cryptography: Principles and Protocols. 2007.

[18] Silvio Micali et al. Algorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering. TCC, 2004.

[19] Yael Tauman Kalai et al. Securing Circuits against Constant-Rate Tampering. CRYPTO, 2012.

[20] Siva Sai Yerubandi et al. Differential Power Analysis. 2002.

[21] Anna Gál et al. Lower bounds for the complexity of reliable Boolean circuits with noisy gates. Proceedings of the 32nd Annual Symposium on Foundations of Computer Science, 1991.

[22] Yehuda Lindell et al. Introduction to Modern Cryptography. 2004.

[23] Silvio Micali et al. Physically Observable Cryptography. IACR Cryptol. ePrint Arch., 2003.

[24] Péter Gács et al. Lower bounds for the complexity of reliable Boolean circuits with noisy gates. IEEE Trans. Inf. Theory, 1994.

[25] Eli Biham et al. Differential Fault Analysis of Secret Key Cryptosystems. CRYPTO, 1997.

[26] Jean-Pierre Seifert et al. Fault Based Cryptanalysis of the Advanced Encryption Standard (AES). Financial Cryptography, 2003.

[27] Aggelos Kiayias et al. BiTR: Built-in Tamper Resilience. IACR Cryptol. ePrint Arch., 2011.

[28] Feng-Hao Liu et al. Algorithmic Tamper-Proof Security under Probing Attacks. SCN, 2010.

[29] Richard J. Lipton et al. On the Importance of Eliminating Errors in Cryptographic Computations. Journal of Cryptology, 2015.

[30] Markus G. Kuhn et al. Tamper resistance: a cautionary note. 1996.

[31] Anna Gál et al. Fault tolerant circuits and probabilistically checkable proofs. Proceedings of Structure in Complexity Theory, Tenth Annual IEEE Conference, 1995.

[32] Silvio Micali et al. How to play ANY mental game. STOC, 1987.

[33] Paul C. Kocher et al. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. CRYPTO, 1996.