Security Against Related Randomness Attacks via Reconstructive Extractors

This paper revisits related randomness attacks against public key encryption schemes, as introduced by Paterson, Schuldt and Sibborn (PKC 2014). We present a general transform that achieves security for public key encryption in the related randomness setting, taking as input any secure public key encryption scheme in combination with an auxiliary-input reconstructive extractor. Specifically, we achieve security in the function-vector model introduced by Paterson et al., obtaining the first constructions that provide CCA security in this setting. We consider instantiations of our transform using the Goldreich-Levin extractor; these outperform the previous constructions in terms of public-key size and reduction tightness, as well as enjoying CCA security. Finally, we also point out that our approach leads to an elegant construction of Correlated-Input Secure hash functions, which have proven to be a versatile tool in diverse areas of cryptography.

[1] Benny Pinkas, et al. Cryptanalysis of the random number generator of the Windows operating system, 2009, TSEC.

[2] Dahlia Malkhi, et al. Hold Your Sessions: An Attack on Java Session-Id Generation, 2005, CT-RSA.

[3] Hoeteck Wee. Public Key Encryption against Related Key Attacks, 2012, Public Key Cryptography.

[4] David Cash, et al. Pseudorandom Functions and Permutations Provably Secure against Related-Key Attacks, 2010, CRYPTO.

[5] Daniel Wichs, et al. Barriers in cryptography with weak, correlated and leaky sources, 2013, ITCS '13.

[6] Stefan Lucks. Ciphers Secure against Related-Key Attacks, 2004, FSE.

[7] Tanja Lange, et al. Factoring RSA keys from certified smart cards: Coppersmith in the wild, 2013, IACR Cryptol. ePrint Arch.

[8] Thomas Ristenpart, et al. When Good Randomness Goes Bad: Virtual Machine Reset Vulnerabilities and Hedging Deployed Cryptography, 2010, NDSS.

[9] Kenneth G. Paterson, et al. Related-Key Security for Pseudorandom Functions Beyond the Linear Barrier, 2014, Journal of Cryptology.

[10] David Pointcheval, et al. Security analysis of pseudo-random number generators with input: /dev/random is not robust, 2013, CCS.

[11] Arjen K. Lenstra, et al. Public Keys, 2012, CRYPTO.

[12] Mihir Bellare, et al. The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs, 2006, EUROCRYPT.

[13] Hovav Shacham, et al. Hedged Public-Key Encryption: How to Protect against Bad Randomness, 2009, ASIACRYPT.

[14] Kenneth G. Paterson, et al. Related Randomness Attacks for Public Key Encryption, 2014, IACR Cryptol. ePrint Arch.

[15] Jörg Schwenk, et al. Randomly Failed! The State of Randomness in Current Java Implementations, 2013, CT-RSA.

[16] Yael Tauman Kalai, et al. Public-Key Encryption Schemes with Auxiliary Inputs, 2010, TCC.

[17] Adam O'Neill, et al. Correlated-Input Secure Hash Functions, 2011, TCC.

[18] Ian Goldberg, et al. Randomness and the Netscape browser, 1996.

[19] Eric Wustrow, et al. Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices, 2012, USENIX Security Symposium.

[20] Gil Segev, et al. Deterministic Public-Key Encryption for Adaptively Chosen Plaintext Distributions, 2013, EUROCRYPT.

[21] Benny Pinkas, et al. Analysis of the Linux random number generator, 2006, IEEE Symposium on Security and Privacy (S&P'06).

[22] Rafail Ostrovsky, et al. Circular-Secure Encryption from Decision Diffie-Hellman, 2008, CRYPTO.

[23] Scott Yilek, et al. Resettable Public-Key Encryption: How to Encrypt on a Virtual Machine, 2010, CT-RSA.

[24] Yvo Desmedt, et al. A New Paradigm of Hybrid Encryption Scheme, 2004, CRYPTO.