Page 1: Input-shrinking functions: theory and application

PhD candidate: Francesco Davì

Thesis committee: Dr. Stefan Dziembowski (advisor), Prof. Luigi Vincenzo Mancini, Prof. Alessandro Mei

Reviewers: Prof. Mirosław Kutiłowski, Dr. Ivan Visconti

Rome, 02/03/2012

Computer Science Department, Sapienza University of Rome

Page 2: PhD Activity

Cryptography on Non-Trusted Machines Project

• F. Davì, S. Dziembowski and D. Venturi: Leakage-Resilient Storage. In J. Garay and R. De Prisco (eds.), Seventh Conference on Security and Cryptography for Networks (SCN 2010), LNCS 6280, Springer, 2010.

Page 3: Conferences, workshops and schools

• Seventh Conference on Security and Cryptography for Networks (SCN 2010), Amalfi, 13-15 September 2010;
• Workshop on Provable Security against Physical Attacks, Leiden, 15-19 February 2010;
• Theory of Cryptography Conference (TCC 2010), Zurich, 9-11 February 2010;
• Summer School on Provable Security, Barcelona, 7-11 September 2009;
• Bertinoro International Spring School (BiSS 2009), Bertinoro, 2-6 March 2009;
• Berlin-Poznan Seminar / ASZ Workshop 2008, Humboldt-Universität, Berlin, 20-21 June 2008.

Page 4: Experiences abroad

• May - July 2011: visiting student, Cryptography and Data Security Group, Uniwersytet Warszawski, Warsaw, Poland;
• May - June 2008: Methods for Discrete Structures (Pre)Doc-Course 2008 on Random and Quasirandom Graphs, Humboldt-Universität, Berlin, Germany.

Page 5: Outline

1. Introduction and Motivations
2. Leakage-Resilient Storage
3. Authenticated Key Exchange protocol in the Bounded-Retrieval Model

Page 6: Cryptography

Design of secure cryptographic schemes: for a long time it was mostly based on intuition and experience, and the resulting solutions were broken in a short time.

Page 7: Provable security (1/2)

• Formal definition of security and of the adversarial model
• Formal proof of security: no adversary can break the scheme

Security:
- Information-theoretic (unbounded adversary)
- Standard model (reduction from hard problems)
- Random Oracle Model (cryptographic hash functions)

Page 8: Provable security (2/2)

Security against all known (and even future) attacks.

The approach developed very fast and attained a large number of secure cryptographic schemes.

Page 9: Problem

Once implemented, some of the schemes were broken! It is easy to step out of the security model.

Page 10: Black-box model

The adversary chooses the input X and receives the output Y of the cryptosystem (CRYPTO). She gets no information about the internal state of the cryptosystem.

Page 11: Information leakage

The adversary chooses X and receives Y together with a leakage λ from the MACHINE (PC, smartcard, …) that runs CRYPTO. During the execution, the adversary can measure:
• Power consumption
• Electromagnetic radiation
• Time
• Sound
These are side-channel attacks. Even partial leakage suffices to completely break a scheme.

Page 12: Side-channel attacks

Exploit physical measurements on real devices.

Practitioners: find countermeasures (and exploit new attacks)
• mostly ad-hoc
• often without a formal proof of security
• cannot provide security against all possible attacks

Recent trend: extend the realm of provable security.

Page 13: Leakage-Resilient Cryptography

Design protocols that are secure even if they are implemented on machines that may leak information.

Page 14: Leakage-Resilient Cryptography: The Models

• Continual leakage: only computation leaks, total leakage unbounded (MR04, DP08, Pie09, FKPR10, FRRTV10, GR10, JV10, DP10, KP10, DF11)
• Bounded memory-leakage: all the memory leaks, total leakage bounded (ISW03, IPSW06, AGV09, ADW09, KV09, NS09, DHLW10, BG10, GKPV10, ADNSWW10, DDV10)
• Auxiliary input: all the memory leaks, total leakage unbounded, but computationally hard to recover the secret from the leakage (DKL09, DGKPV10)
• Continual memory-leakage: all the memory leaks, total leakage unbounded (BKKV10, DHLW10, BSW11, LRW11, LLW11, DLWW11)

Page 15: Leakage model

The adversary is allowed to learn (adaptively) the values of some leakage functions (chosen by her) on the internal state of the cryptographic scheme.

Page 16: Examples of assumptions (1/2)

• Bounded-Retrieval Model, "Memory Attacks" [AGV09]: the adversary applies an input-shrinking function Λ to the secret state S and learns Λ(S).
• "Probing Attacks" [ISW03]: the scheme is a Boolean circuit and the adversary can learn the values on up to t wires.

Page 17: Examples of assumptions (2/2)

• [FRRTV10, DDV10]: the adversary learns Λ(S) for an input-shrinking, low-complexity function Λ.
• [MR04, DP08, DDV10]: the state is split into two parts S0 and S1, and the adversary learns Λ(S0) and Λ(S1) for input-shrinking functions Λ applied to each part separately.

Page 18: General goal

Design models that:
• are realistic (i.e. they correspond to the real-life adversaries)
• allow to construct secure schemes

There is a tradeoff between the two.

Page 19: Outline

1. Introduction and Motivations
2. Leakage-Resilient Storage
3. Authenticated Key Exchange protocol in the Bounded-Retrieval Model

Page 20: Contribution: Leakage-Resilient Storage

An encoding scheme to securely store data on hardware that may leak information.

PROS: information-theoretic solution
CONS: the analysis of concrete parameters does not seem to allow for efficient feasibility in practice

Page 21: Leakage-Resilient Storage

m → Enc → Enc(m) → Dec → m. Note: no secret key.

The adversary:
• chooses (adaptively) t functions Λi : {0,1}^|Enc(m)| → {0,1}^λi with Λi ∈ Γ, and retrieves the λi bits Λi(Enc(m))
• is computationally unbounded
• total leakage < λ (very realistic)

Since Decode ∈ Γ, the leakage must be input-shrinking: λ < |Enc(m)|.

All-Or-Nothing Transform: it should be hard to reconstruct a message if not all the bits of its encoding are known.

Page 22: Security definition

A scheme (Enc, Dec) is secure if for every m0, m1 no adversary can distinguish Enc(m0) from Enc(m1). We will require that m0, m1 are chosen by the adversary.

Page 23: Adversary model

Encodings have the form Enc(m) := (Rand, f(Rand) ⊕ m).

• adversary: chooses Λi and obtains Λi(Enc(m)) = Λi(Rand, f(Rand) ⊕ m)
• weak adversary: chooses Λ'i and obtains Λ'i(Rand), i.e. leakage on the randomness only

Page 24: Lemma

For any family of functions Γ, if an encoding scheme is secure for the weak adversary, then it is also secure for the adversary, with security loss 2^α, where α is the length of the message.

Page 25: Problem

For a fixed family Γ, how to construct a secure (Enc, Dec)?

• each leakage function can depend only on some restricted part of the memory → randomness extractors
• the cardinality of Γ is restricted → l-wise independent hash functions

Page 26: Two-source Extractor

Inputs: source1 and source2, which are independent and random, possibly far from uniform but with a lot of min-entropy. A deterministic Two-Source Extractor maps them to an extracted string that is almost uniformly random.

Page 27: Memory divided into 2 parts: construction

Remind: each leakage function can depend only on some restricted part of the memory.

The memory parts M0 and M1 store R0 and R1 respectively, and Ext is a two-source extractor:

Enc(m) := (R0, R1, Ext(R0,R1) ⊕ m)
Dec(R0, R1, m*) := m* ⊕ Ext(R0,R1)

Page 28: Proof Idea

Remind: Enc(m) := (R0, R1, Ext(R0,R1) ⊕ m).

It suffices to show that (Enc, Dec) is secure against every weak adversary. One can prove that, even given Λ'1(Ri), …, Λ't(Ri) (leakage computed on R0 and on R1 separately), R0 and R1:
• are still independent
• have high min-entropy (with high probability)
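An added example (not the thesis's code) that puts the two-part-memory construction into the leakage game of the security definition slides: Enc/Dec with an inner-product extractor over GF(P) standing in for Ext and addition mod P for ⊕, a game that enforces Γ and the total-leakage bound, a weak adversary that reads R0 and R1 separately, and an adversary whose single leakage bit is Dec itself. P, N, the two adversaries and the RNG seeds are constructed for this example.

```python
import random

# Added example (not code from the thesis): the two-part-memory encoding
# Enc(m) = (R0, R1, Ext(R0,R1) (+) m) plugged into the (Gamma, lambda, t)-leakage
# game. Assumptions: Ext is the inner product over the prime field GF(P), so "(+)"
# is addition mod P and a message is a field element; Gamma restricts a query to one part.
P = 2**31 - 1   # prime field modulus (constructed choice)
N = 8           # R0 and R1 are vectors of N field elements
def ext(r0, r1):
    """Deterministic two-source extractor: inner product over GF(P)."""
    return sum(a * b for a, b in zip(r0, r1)) % P
def enc(m, rng):
    """Enc(m) := (R0, R1, Ext(R0,R1) + m): no secret key, only fresh randomness."""
    r0 = [rng.randrange(P) for _ in range(N)]
    r1 = [rng.randrange(P) for _ in range(N)]
    return (r0, r1, (ext(r0, r1) + m) % P)
def dec(r0, r1, c):
    """Dec(R0, R1, m*) := m* - Ext(R0,R1). Dec is itself a cheap leakage function."""
    return (c - ext(r0, r1)) % P
def roundtrip(m, seed=0):
    return dec(*enc(m, random.Random(seed)))

GAMMA_SPLIT = {"R0", "R1"}         # each query reads one memory part only
GAMMA_ANY = {"R0", "R1", "ALL"}    # unrestricted: a query may read (R0, R1, c)

def leakage_game(adv, gamma, lam, t, rng):
    """One run: the adversary picks m0, m1, the oracle encodes m_b, then up to t
    adaptive queries (part, fn, bits) return the low `bits` bits of fn(view) if
    part is in gamma and total leakage stays below lam. True iff guess == b."""
    m0, m1 = adv.choose(rng)
    b = rng.randrange(2)
    r0, r1, c = enc(m1 if b else m0, rng)
    views = {"R0": r0, "R1": r1, "ALL": (r0, r1, c)}
    used = 0
    for _ in range(t):
        q = adv.query()
        if q is None:
            break
        part, fn, bits = q
        used += bits
        if part not in gamma or used >= lam:
            raise ValueError("query outside Gamma or total leakage >= lambda")
        adv.receive(fn(views[part]) & ((1 << bits) - 1))
    return adv.guess(c) == b

class SplitLeakAdversary:
    """Constructed, within GAMMA_SPLIT: leaks low bits of R0[0] and R1[0] separately."""
    def __init__(self, bits):
        self.bits = bits
    def choose(self, rng):
        self.m0, self.m1, self.pending, self.seen = 0, rng.randrange(1, P), ["R0", "R1"], []
        return self.m0, self.m1
    def query(self):
        return (self.pending.pop(0), lambda r: r[0], self.bits) if self.pending else None
    def receive(self, v):
        self.seen.append(v)
    def guess(self, c):   # compare the low bits of c - m0 with those of R0[0]*R1[0]
        mask = (1 << self.bits) - 1
        return 0 if ((c - self.m0) & mask) == ((self.seen[0] * self.seen[1]) & mask) else 1

class DecodeAdversary:
    """Constructed: one leaked bit, but computed by Dec on the whole state (not split)."""
    def choose(self, rng):
        self.m0, self.m1, self.bit = 0, rng.randrange(1, P), None
        return self.m0, self.m1
    def query(self):
        if self.bit is not None:
            return None
        self.bit = -1      # single query issued; the answer arrives via receive()
        return ("ALL", lambda v: int(dec(*v) == self.m1), 1)
    def receive(self, v):
        self.bit = v
    def guess(self, c):
        return self.bit

def advantage(adv, gamma, lam, t, trials, seed=1):
    """Empirical Pr[adversary wins] - 1/2 over `trials` seeded runs of the game."""
    rng = random.Random(seed)
    wins = sum(leakage_game(adv, gamma, lam, t, rng) for _ in range(trials))
    return wins / trials - 0.5
```

Running `advantage(DecodeAdversary(), GAMMA_ANY, 64, 1, 200)` shows that one bit of unrestricted leakage already wins the game, while the split-state adversary stays at a negligible advantage; passing `GAMMA_SPLIT` to the decode adversary makes the game reject its query.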

Page 29: Problem

For a fixed family Γ, how to construct a secure (Enc, Dec)?

• each leakage function can depend only on some restricted part of the memory → randomness extractors
• the cardinality of Γ is restricted → l-wise independent hash functions

Page 30: l-wise independent hash functions

H = {hs : X → Y}s∈I is l-wise independent if, for a uniformly random S ∈ I and any set {x1,…,xl} of l distinct inputs in X^l, the tuple (hS(x1),…,hS(xl)) is uniform over Y^l.

Page 31: Boolean circuits of small size: construction

Remind: the cardinality of Γ is restricted; here Γ is the set of functions computable by Boolean circuits of a fixed size.

Let H = {hs : X → Y}s∈I be l-wise independent and let R ∈ X be random:

Encs(m) := (R, hS(R) ⊕ m)
Decs(R, m*) := hS(R) ⊕ m*
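Added example, not from the thesis: the polynomial family h_s(x) = s0 + s1·x + … + s(l-1)·x^(l-1) over Z_p, which is l-wise independent, an exhaustive check of the definition for tiny parameters, and the encoding Encs(m) := (R, hs(R) ⊕ m) built on it. Addition mod p stands in for ⊕, and p, l and the evaluation points are chosen here.

```python
from collections import Counter
from itertools import product

# Added example (not from the thesis): the degree-(l-1) polynomial family over Z_p,
# h_s(x) = s_0 + s_1 x + ... + s_{l-1} x^{l-1}, is l-wise independent. Assumptions:
# X = Y = Z_p with p prime, "(+)" is addition mod p, and the seed s is public.

def h(s, x, p):
    """Evaluate the polynomial with coefficient vector s at x over Z_p (Horner)."""
    acc = 0
    for coef in reversed(s):
        acc = (acc * x + coef) % p
    return acc

def is_l_wise_independent(p, l, points):
    """Exhaustive check of the definition for the given distinct points: over a
    uniform seed S in Z_p^l the tuple (h_S(x_1), ..., h_S(x_k)) must be uniform
    over Z_p^k. Only feasible for tiny p and l; k > l is expected to fail."""
    if len(set(points)) != len(points):
        raise ValueError("points must be distinct")
    counts = Counter(tuple(h(s, x, p) for x in points)
                     for s in product(range(p), repeat=l))
    expected = p ** l / p ** len(points)
    return len(counts) == p ** len(points) and all(c == expected for c in counts.values())

def enc(s, m, r, p):
    """Enc_s(m) := (R, h_s(R) + m); R must be drawn uniformly from Z_p by the caller."""
    return (r, (h(s, r, p) + m) % p)

def dec(s, r, c, p):
    """Dec_s(R, m*) := m* - h_s(R)."""
    return (c - h(s, r, p)) % p
```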

Page 32: Outline

1. Introduction and Motivations
2. Leakage-Resilient Storage
3. Authenticated Key Exchange protocol in the Bounded-Retrieval Model

Page 33: Contribution: AKE protocol in the BRM

Bounded-Retrieval Model: Client and Server share a huge random file; the attacker can retrieve a large portion of it.

Authenticated Key Exchange (AKE) protocol:
• provide Client and Server with a short shared key
• client-to-server authentication
• security against active attackers

PROS: protocol analysis + efficient implementation
CONS: Random Oracle model

Page 34: Key Exchange protocol

CLIENT and SERVER run a Key Exchange protocol and both obtain the Key.

Problem: Man-in-the-Middle attack. Solution: Authentication.

Page 35: Authentication

CLIENT and SERVER share a Password and run a Password-based Authenticated Key Exchange protocol (a Key Exchange protocol with authentication) to obtain the Key.

Page 36: AKE: a general paradigm

Cash, Ding, Dodis, Lee, Lipton and Walfish: "Intrusion-resilient key exchange in the Bounded Retrieval Model". In TCC (2007).

CLIENT and SERVER first run a Weak Key Exchange protocol, which gives both of them a Password (low entropy, human memorizable); they then run a Universally-Composable Password-based Authenticated Key Exchange protocol on that Password to obtain the Key.

Note: cannot be implemented in the standard model.

Page 37: Contribution: new AKE protocol in the BRM

Setup: long shared secret random file F.

The adversary obtains Λ(F) for an input-shrinking function Λ and is active over the channel.

CLIENT and SERVER run the Weak Key Exchange protocol to obtain a Password, then the Universally-Composable Password-based Authenticated Key Exchange protocol to obtain the Key, which is indistinguishable from random.

• Implemented using the OpenSSL crypto library
• Random Oracle model

Page 38: Contribution: Weak Key Exchange protocol (1/3)

Setup: long shared secret random file F. CLIENT and SERVER run the Weak Key Exchange protocol and each obtain the Password; the adversary is active over the channel and knows Λ(F).

We prove that, even given Λ(F), the Password has high min-entropy (with high probability), i.e. the shared passwords are individually unpredictable for the adversary.

Page 39: Contribution: Weak Key Exchange protocol (2/3)

Setup: long shared secret random file F (a long bit string).

CLIENT: choose random indexes IDX_CLIENT (several large numbers) and send them to the SERVER.
SERVER: choose random indexes IDX_SERVER (several large numbers) and send them to the CLIENT.
Both: create the password by concatenating the bits of F at the positions IDX_CLIENT and IDX_SERVER.

Page 40: Contribution: Weak Key Exchange protocol (3/3)

Public parameter: cryptographic hash function H (Random Oracle model). Setup: long shared secret random file F.

CLIENT: choose a random short SEED_CLIENT and send it to the SERVER.
SERVER: choose a random short SEED_SERVER and send it to the CLIENT.
Both: calculate the indexes IDXi = H(i|SEED) from the two seeds and create the password from the corresponding bits of F.

The indexes are unpredictable, while the adversary only knows Λ(F).
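The index derivation and password construction of the Weak Key Exchange, as an added example that is not the thesis's implementation. SHA-256 as H, the encoding of i and the seed, the number of indexes T, and the leakage view (the adversary knowing a subset of F's bit positions) are assumptions made here.

```python
import hashlib
import secrets

# Added example, not the thesis's implementation: Weak Key Exchange. CLIENT and
# SERVER hold the same long random file F, exchange short random seeds in the
# clear, derive IDX_i = H(i|SEED) for both seeds, and build the password from the
# bits of F at those indexes. Assumptions: H is SHA-256 over the 4-byte big-endian
# i followed by the seed, indexes are reduced mod |F| in bits, bits are MSB-first.

T = 16             # indexes per party (the slides' t)
SEED_BYTES = 16    # length of the short seeds

def bit_at(f, idx):
    """Bit number idx of the file F (MSB-first within each byte)."""
    return (f[idx >> 3] >> (7 - (idx & 7))) & 1

def indexes(seed, nbits, t=T):
    """IDX_i = H(i|SEED) mod |F| for i = 1..t; in the ROM these are unpredictable."""
    out = []
    for i in range(1, t + 1):
        digest = hashlib.sha256(i.to_bytes(4, "big") + seed).digest()
        out.append(int.from_bytes(digest, "big") % nbits)
    return out

def password(f, seed_client, seed_server):
    """Concatenate the bits of F selected by IDX_CLIENT and then by IDX_SERVER."""
    nbits = 8 * len(f)
    idx = indexes(seed_client, nbits) + indexes(seed_server, nbits)
    return "".join(str(bit_at(f, i)) for i in idx)

def wke_run(f, seed_client=None, seed_server=None):
    """One run: each party samples its seed (unless supplied, for reproducibility),
    sends it over the channel, and derives the password. Returns both passwords."""
    seed_client = seed_client or secrets.token_bytes(SEED_BYTES)   # CLIENT -> SERVER
    seed_server = seed_server or secrets.token_bytes(SEED_BYTES)   # SERVER -> CLIENT
    pwd_client = password(f, seed_client, seed_server)
    pwd_server = password(f, seed_client, seed_server)
    return pwd_client, pwd_server

def unknown_password_bits(f, known_positions, seed_client, seed_server):
    """Leakage view: the adversary saw both seeds on the channel and obtained
    Lambda(F) = the bits of F at `known_positions`. Returns how many password
    bits she still does not know. For a uniformly random F and this kind of
    leakage each unknown bit is a fresh uniform bit; this illustrates the
    min-entropy claim, it is not the thesis's proof for a general Lambda."""
    nbits = 8 * len(f)
    idx = indexes(seed_client, nbits) + indexes(seed_server, nbits)
    return sum(1 for i in idx if i not in known_positions)

if __name__ == "__main__":
    F = secrets.token_bytes(1 << 20)          # constructed 1 MiB shared file
    pwd_c, pwd_s = wke_run(F)
    print(pwd_c == pwd_s, len(pwd_c))
```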

Page 41: AKE: a general paradigm

CLIENT and SERVER run the Weak Key Exchange protocol to obtain a Password, then the Universally-Composable Password-based Authenticated Key Exchange protocol to obtain the Key.

Page 42: UC Password-based AKE protocol

Abdalla, Catalano, Chevalier and Pointcheval: Efficient two-party password-based key exchange protocols in the UC framework. CT-RSA (2008).

(Modified) Diffie-Hellman Key Exchange:
• No assumptions on the distribution of the passwords
• One flow encrypted
• Two cryptographic hash functions to compute the secret key and to provide authentication

Page 43: Forward security

Setup: long shared secret random file F. CLIENT and SERVER run the Weak Key Exchange protocol (Password) and then the Universally-Composable Password-based Authenticated Key Exchange protocol (Key), i.e. a Diffie-Hellman Key Exchange encrypted with the Password.

Question: the adversary obtained Λ(F) during the protocol and later learns the whole file F. Is the Key still secure?

Page 44: Experimental results

Parameters: security parameter, leakage, shared file size, t = number of indexes.

Running time evaluated experimentally on an Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz, with 4GB of RAM, under the 64-bit version of Ubuntu 11.04.

Page 45: Number of indexes

Page 46: PAKE protocol running time

Page 47: WKE protocol running time

Page 48: Thank you!

Page 49: Main idea of this line of research

To achieve security one assumes that the power of the adversary during the "physical attack" is "limited in some way"; this should be justified by some physical characteristics of the device.

Page 50: Security definition

Enc : {0,1}^α → {0,1}^β, Dec : {0,1}^β → {0,1}^α

Game between the adversary and the oracle:
1. the adversary chooses m0, m1 ∈ {0,1}^α and sends them to the oracle
2. the oracle chooses a random b ∈ {0,1} and calculates τ := Enc(mb)
3. for i = 1,…,t, the adversary chooses Λi : {0,1}^β → {0,1}^λi with Λi ∈ Γ; the oracle calculates Λi(τ) and returns it
4. the adversary outputs b' and wins if b' = b

(Enc, Dec) is (Γ, λ, t, ε)-secure if no adversary wins the game with probability greater than 1/2 + ε (ε is the advantage).

Page 51: Lemma

For any Γ, λ, t and ε, if an encoding scheme is (Γ, λ, t, ε)-secure for the weak adversary, then it is also (Γ, λ, t, ε·2^α)-secure for the adversary, where α is the length of the message.

Page 52: Proof Idea

Consider an adversary that wins with advantage δ = ε·2^α. Construct a weak adversary that simulates it, replacing f(Rand) ⊕ m with a random string z ∈ {0,1}^α; the weak adversary wins with advantage δ·2^-α = ε.
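The argument behind the 2^α loss, written out here as an added derivation that follows the slide's proof idea (it is not the thesis's own text). It assumes that in the weak game the adversary, after its leakage queries on Rand, is handed the second component f(Rand) ⊕ mb before outputting its guess (otherwise its view would not depend on b at all), and that Λi(·, z) is still an admissible function of Rand in Γ.

Let A win the game with advantage δ, i.e. Pr[A wins] = 1/2 + δ. Construct the weak adversary A':

1. A' runs A to obtain m0, m1 and forwards them to its oracle, which encodes τ = (Rand, f(Rand) ⊕ mb).
2. A' picks z ∈ {0,1}^α uniformly at random. For every leakage function Λi chosen by A, A' queries Λ'i(Rand) := Λi(Rand, z), a function of Rand alone with the same output length λi, and passes the answer to A.
3. A' receives c = f(Rand) ⊕ mb and A's guess b'. If c = z it outputs b', otherwise it outputs a uniformly random bit.

Since z is uniform and independent of c, Pr[c = z] = 2^-α, and conditioning on this event does not bias (Rand, b, c). In that case A has seen exactly the leakage of a real execution, so b' = b with probability 1/2 + δ. Therefore

Pr[A' wins] = 2^-α · (1/2 + δ) + (1 − 2^-α) · 1/2 = 1/2 + δ · 2^-α.

If the scheme is (Γ, λ, t, ε)-secure against weak adversaries, then δ · 2^-α ≤ ε, i.e. δ ≤ ε · 2^α: the scheme is (Γ, λ, t, ε · 2^α)-secure against the full adversary, which is the lemma.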

Page 53: Diffie-Hellman Key Exchange

Setup: finite cyclic group G = <g> of order a prime number p.

CLIENT: a ← [p-1], A ← g^a mod p; sends A to the SERVER.
SERVER: b ← [p-1], B ← g^b mod p; sends B to the CLIENT.
CLIENT: K = B^a mod p. SERVER: K = A^b mod p. Both obtain K = g^ab mod p.

Page 54: Man-in-the-middle attack

Setup: finite cyclic group G = <g> of order a prime number p.

ATTACKER: e ← [p-1], E ← g^e mod p.
CLIENT: a ← [p-1], A ← g^a mod p; sends A, which the attacker intercepts and replaces with E.
SERVER: b ← [p-1], B ← g^b mod p; sends B, which the attacker again replaces with E.
CLIENT: K = E^a mod p. SERVER: K = E^b mod p. ATTACKER: KC = A^e mod p (shared with the client) and KS = B^e mod p (shared with the server).

They need authentication!

Page 55: UC Password-based AKE protocol

Setup: finite cyclic group G = <g> of order a prime number p; CLIENT and SERVER share Pwd.

CLIENT: a ← [p-1], A ← g^a mod p; sends A.
SERVER: b ← [p-1], B ← g^b mod p; sends ENCPwd(B).
CLIENT: B = DECPwd(ENCPwd(B)), DHC = B^a mod p, KEYC = H0(Pwd|DHC), AUTH = H1(Pwd|DHC); sends AUTH.
SERVER: DHS = A^b mod p; if AUTH = H1(Pwd|DHS) then KEYS = H0(Pwd|DHS), else ERROR.
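Added example (not the thesis's or OpenSSL-based code) covering the three protocol slides: plain Diffie-Hellman, the man-in-the-middle against it, and the password-based AKE with the flows A, ENC_Pwd(B) and AUTH. The toy group (P = 1019, Q = 509, G = 4), SHA-256 for H0/H1, and the mask-based ENC_Pwd/DEC_Pwd are assumptions of this example, not the protocol's actual encryption.

```python
import hashlib
import random

# Added example, not code from the thesis: plain Diffie-Hellman, the
# man-in-the-middle against it, and the password-based AKE of the last slide
# (A; ENC_Pwd(B); AUTH), in toy parameters. Assumptions: the group is the
# order-Q subgroup <G> of Z_P^* for the safe prime P = 2Q+1 (far too small for
# real use); H0/H1 are SHA-256 with a domain tag; ENC_Pwd blinds B with a
# password-derived group element, a stand-in for the protocol's encryption.

P, Q, G = 1019, 509, 4   # 1019 = 2*509 + 1 is prime; 4 generates the order-509 subgroup

def H(tag, *parts):
    """Hash of tag|part1|part2|... as an integer (used for H0, H1 and the mask)."""
    data = "|".join([tag] + [str(x) for x in parts]).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def dh_keygen(rng):
    """a <- [Q-1], A <- G^a mod P."""
    a = rng.randrange(1, Q)
    return a, pow(G, a, P)

def pwd_mask(pwd):
    return pow(G, H("mask", pwd) % Q, P)

def enc_pwd(pwd, B):
    """ENC_Pwd(B): multiply the group element B by the password-derived mask."""
    return B * pwd_mask(pwd) % P

def dec_pwd(pwd, C):
    """DEC_Pwd(C): remove the mask (pow with exponent -1 is the modular inverse)."""
    return C * pow(pwd_mask(pwd), -1, P) % P

def client_finish(a, C, pwd):
    """B = DEC_Pwd(C), DHC = B^a, KEYC = H0(Pwd|DHC), AUTH = H1(Pwd|DHC)."""
    dhc = pow(dec_pwd(pwd, C), a, P)
    return H("H0", pwd, dhc), H("H1", pwd, dhc)

def server_finish(b, A, auth, pwd):
    """DHS = A^b; if AUTH = H1(Pwd|DHS) then KEYS = H0(Pwd|DHS) else ERROR (None)."""
    dhs = pow(A, b, P)
    if auth != H("H1", pwd, dhs):
        return None
    return H("H0", pwd, dhs)

def pake_run(pwd_client, pwd_server, tamper=None, seed=0):
    """Full run; `tamper(A, rng)` optionally replaces the client's A on the wire,
    modelling an active adversary without the password. Returns (KEYC, KEYS)."""
    rng = random.Random(seed)
    a, A = dh_keygen(rng)                          # CLIENT -> SERVER: A
    A_wire = tamper(A, rng) if tamper else A
    b, B = dh_keygen(rng)
    C = enc_pwd(pwd_server, B)                     # SERVER -> CLIENT: ENC_Pwd(B)
    key_c, auth = client_finish(a, C, pwd_client)  # CLIENT -> SERVER: AUTH
    return key_c, server_finish(b, A_wire, auth, pwd_server)

def plain_dh_mitm(seed=0):
    """Unauthenticated DH: the attacker substitutes E = G^e in both directions and
    ends up sharing K_C = A^e with the client and K_S = B^e with the server."""
    rng = random.Random(seed)
    a, A = dh_keygen(rng)
    b, B = dh_keygen(rng)
    e, E = dh_keygen(rng)
    k_client, k_server = pow(E, a, P), pow(E, b, P)   # what the honest parties compute
    return k_client == pow(A, e, P), k_server == pow(B, e, P)

if __name__ == "__main__":
    print(pake_run("correct horse", "correct horse"))
    print(pake_run("correct horse", "wrong password"))
```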