Egalitarian Computing

In this paper we explore several contexts where an adversary has an upper hand over the defender by using special hardware in an attack. These include password processing, hard-drive protection, cryptocurrency mining, resource sharing, code obfuscation, etc. We suggest memory-hard computing as a generic paradigm, where every task is amalgamated with a certain procedure requiring intensive access to RAM both in terms of size and (very importantly) bandwidth, so that transferring the computation to GPU, FPGA, and even ASIC brings little or no cost reduction. Cryptographic schemes that run in this framework become egalitarian in the sense that both users and attackers are equal in the price-performance ratio conditions. Based on existing schemes like Argon2 and the recent generalized-birthday proof-of-work, we suggest a generic framework and two new schemes: • MTP, a memory-hard Proof-of-Work based on the memory-hard function with fast verification and short proofs. It can be also used for memory-hard time-lock puzzles. • MHE, the concept of memory-hard encryption, which utilizes available RAM to strengthen the encryption for the low-entropy keys (allowing to bring back 6 letter passwords).

[1]  Moni Naor,et al.  Pricing via Processing or Combatting Junk Mail , 1992, CRYPTO.

[2]  Moni Naor,et al.  On Memory-Bound Functions for Fighting Spam , 2003, CRYPTO.

[3]  David A. Wagner,et al.  A Generalized Birthday Problem , 2002, CRYPTO.

[4]  John Tromp,et al.  Cuckoo Cycle: A Memory Bound Graph-Theoretic Proof-of-Work , 2015, Financial Cryptography Workshops.

[5]  Alex Biryukov,et al.  Tradeoff Cryptanalysis of Memory-Hard Functions , 2015, ASIACRYPT.

[6]  Colin Percival STRONGER KEY DERIVATION VIA SEQUENTIAL MEMORY-HARD FUNCTIONS , 2009 .

[7]  Richard J. Lipton,et al.  Towards uncheatable benchmarks , 1993, [1993] Proceedings of the Eigth Annual Structure in Complexity Theory Conference.

[8]  Salil P. Vadhan,et al.  Publicly verifiable proofs of sequential work , 2013, ITCS '13.

[9]  Luther Martin,et al.  XTS: A Mode of AES for Encrypting Hard Disks , 2010, IEEE Security & Privacy.

[10]  Alex Biryukov,et al.  Asymmetric proof-of-work based on the Generalized Birthday problem , 2017, IACR Cryptol. ePrint Arch..

[11]  Moni Naor,et al.  Pebbling and Proofs of Work , 2005, CRYPTO.

[12]  Damian Vizár,et al.  Online Authenticated-Encryption and its Nonce-Reuse Misuse-Resistance , 2015, CRYPTO.

[13]  Alex Biryukov,et al.  Argon2: New Generation of Memory-Hard Functions for Password Hashing and Other Applications , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[14]  Tanja Lange,et al.  Non-uniform cracks in the concrete: the power of free precomputation , 2012, IACR Cryptol. ePrint Arch..

[15]  M. Sprengers,et al.  Speeding up GPU-based password cracking , 2012 .

[16]  Stefan Dziembowski,et al.  Proofs of Space , 2015, CRYPTO.

[17]  Alex Biryukov,et al.  Equihash: Asymmetric Proof-of-Work Based on the Generalized Birthday Problem , 2016, NDSS.

[18]  Adam Back,et al.  Hashcash - A Denial of Service Counter-Measure , 2002 .

[19]  Leslie G. Valiant,et al.  On Time Versus Space , 1977, JACM.

[20]  Georg Fuchsbauer,et al.  SpaceMint: A Cryptocurrency Based on Proofs of Space , 2018, ERCIM News.

[21]  Martin Mauve,et al.  Offline Submission with RSA Time-Lock Puzzles , 2010, 2010 10th IEEE International Conference on Computer and Information Technology.

[22]  David Blaauw,et al.  Exploring DRAM organizations for energy-efficient and resilient exascale memories , 2013, 2013 SC - International Conference for High Performance Computing, Networking, Storage and Analysis (SC).

[23]  Ronald L. Rivest,et al.  Time-lock Puzzles and Timed-release Crypto , 1996 .

[24]  Ted Wobber,et al.  Moderately hard, memory-bound functions , 2005, TOIT.

[25]  Paul C. van Oorschot,et al.  Parallel Collision Search with Cryptanalytic Applications , 2013, Journal of Cryptology.

[26]  Greg Zaverucha Stronger Password-Based Encryption Using All-or-Nothing Transforms , 2015 .