Published in: International Journal of Information Security, Issue 2/2021

12.02.2020 | Special Issue Paper

Strong leakage-resilient encryption: enhancing data confidentiality by hiding partial ciphertext

Authors: Jia Xu, Jianying Zhou


Abstract

Leakage-resilient encryption is a powerful tool for protecting data confidentiality against side-channel attacks. In this work, we introduce a new and strong leakage setting that counters backdoor (or Trojan horse) plus covert channel attacks by relaxing the restrictions on leakage: we allow bounded leakage at any time, anywhere, and over anything. Our leakage threshold (e.g., 10,000 bits) may be much larger than the size of a typical secret key (e.g., an AES key or an RSA private key). Under such a strong leakage setting, we propose an efficient encryption scheme that is semantically secure in the standard setting (i.e., without leakage) and tolerates strong continuous leakage. We construct such a scheme by hiding a small portion (e.g., 1%) of the ciphertext as securely as the secret key itself, using a small amount of more secure hardware resource, so that it is almost equally difficult for any adversary to steal information about this well-protected portion of the ciphertext as about the secret key. We remark that the size of this well-protected portion of the ciphertext is chosen to be much larger than the leakage threshold. We provide concrete and practical examples of such more secure hardware resources for data communication and data storage. Furthermore, we introduce a new notion of computational entropy, a computational analogue of Kolmogorov complexity. Our quantitative analysis shows that hiding partial ciphertext is a powerful countermeasure that achieves a higher security level than existing approaches against backdoor plus covert channel attacks. We also show the relationship between our new notion of computational entropy and existing relevant concepts, including Shannon entropy, Yao entropy, HILL entropy, all-or-nothing transforms, and exposure-resilient functions. This new formulation of computational entropy may be of independent interest.
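The following script is an added illustration of the abstract's central point and is not code from the paper: the paper's own scheme is not reproduced on this page, so Rivest's package transform (the all-or-nothing transform the abstract lists among related notions) stands in for it, and HMAC-SHA256 stands in for the block cipher so that the script runs on the Python standard library alone. The adversary is modelled at the extreme end of the paper's setting: the entire session key has leaked, and every ciphertext block is visible except the 1% kept on the well-protected channel. With plain CTR mode the adversary recovers 99 of 100 plaintext blocks; with the all-or-nothing packaging applied before encryption, the same adversary recovers none. The 100-block message, the zero `key0`, and the choice of which block to hide are constructed inputs.

```python
"""Added example, not code from the paper: why hiding a small part of the
ciphertext helps.  Rivest's package transform (an all-or-nothing transform)
stands in for the paper's construction, and HMAC-SHA256 stands in for the
block cipher.  Both substitutions are assumptions of this example."""
import hashlib
import hmac
import secrets

BLOCK = 32  # bytes per block = HMAC-SHA256 output size


def prf(key: bytes, counter: int) -> bytes:
    """Keystream block for position `counter`; stand-in for E_key(counter)."""
    return hmac.new(key, counter.to_bytes(8, "big"), hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("pad the message to a multiple of BLOCK first")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ctr(key: bytes, blocks: list) -> list:
    """CTR mode is its own inverse: block i only ever meets keystream block i,
    so losing one ciphertext block costs exactly one plaintext block."""
    return [xor(b, prf(key, i)) for i, b in enumerate(blocks)]


def package(key0: bytes, plaintext: bytes) -> list:
    """Rivest's package transform.  key0 is a fixed public constant of the
    transform; the random package key k is recoverable only from *all* blocks."""
    blocks = split_blocks(plaintext)
    k = secrets.token_bytes(BLOCK)
    mprime = [xor(m, prf(k, i + 1)) for i, m in enumerate(blocks)]
    tail = k  # last block: k XOR h_1 XOR ... XOR h_s, with h_i = E_key0(m'_i XOR i)
    for i, mp in enumerate(mprime):
        tail = xor(tail, hmac.new(key0, xor(mp, (i + 1).to_bytes(BLOCK, "big")),
                                  hashlib.sha256).digest())
    return mprime + [tail]


def unpackage(key0: bytes, pkg: list) -> bytes:
    """Inverse of package(); every block must be present and correct."""
    *mprime, k = pkg
    for i, mp in enumerate(mprime):
        k = xor(k, hmac.new(key0, xor(mp, (i + 1).to_bytes(BLOCK, "big")),
                            hashlib.sha256).digest())
    return b"".join(xor(mp, prf(k, i + 1)) for i, mp in enumerate(mprime))


def blocks_recovered(recovered: bytes, plaintext: bytes) -> int:
    """How many plaintext blocks an adversary got exactly right."""
    got, want = split_blocks(recovered), split_blocks(plaintext)
    return sum(1 for g, w in zip(got, want) if g == w)


def attack(key: bytes, key0: bytes, ct: list, hidden: set,
           aont: bool, plaintext: bytes) -> int:
    """Adversary model pushed to the extreme: the whole session key has
    leaked and every ciphertext block is visible except the indices in
    `hidden`, which live on the well-protected channel.  Hidden blocks are
    replaced by a guess (zeros); returns the number of correct plaintext blocks."""
    view = [bytes(BLOCK) if i in hidden else c for i, c in enumerate(ct)]
    inner = ctr(key, view)
    recovered = unpackage(key0, inner) if aont else b"".join(inner)
    return blocks_recovered(recovered, plaintext)


def residual_uncertainty_bits(hidden_blocks: int, leak_bits: int) -> int:
    """Counting bound: leaking l bits lowers the adversary's uncertainty about
    the hidden part by at most l bits, so the hidden part must exceed l bits."""
    return max(0, hidden_blocks * BLOCK * 8 - leak_bits)


def demo() -> tuple:
    key, key0 = secrets.token_bytes(32), bytes(32)  # key0 is public; key leaks
    msg = b"".join(bytes([i]) * BLOCK for i in range(100))  # 100 constructed blocks
    hidden = {99}                                           # hide 1%: one block
    plain_ct = ctr(key, split_blocks(msg))
    aont_ct = ctr(key, package(key0, msg))
    assert unpackage(key0, ctr(key, aont_ct)) == msg        # honest receiver
    return (attack(key, key0, plain_ct, hidden, False, msg),  # 99 of 100 blocks
            attack(key, key0, aont_ct, hidden, True, msg))    # 0 of 100 blocks


if __name__ == "__main__":
    print("blocks recovered (CTR, AONT+CTR):", demo())
    print("margin when hiding 40 blocks against 10,000 leaked bits:",
          residual_uncertainty_bits(40, 10_000), "bits")
```

Two caveats keep this honest against the paper. The package transform adds one block to the message, whereas the paper's scheme is length-preserving (footnote 4), so this is a stand-in for the construction, not the construction. And `residual_uncertainty_bits` is only the elementary counting bound behind the abstract's remark that the hidden portion must be much larger than the leakage threshold; the paper's own quantitative analysis uses its new computational-entropy notion, which is not reproduced here.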

Footnotes

2
Quotation from https://en.wikipedia.org/wiki/Kleptography: "The Dual_EC_DRBG cryptographically secure pseudorandom number generator from the NIST SP 800-90A is thought to contain a kleptographic backdoor. Dual_EC_DRBG utilizes elliptic curve cryptography, and NSA is thought to hold a private key which, together with bias flaws in Dual_EC_DRBG, allows NSA to decrypt SSL traffic between computers using Dual_EC_DRBG for example." Quotation from https://en.wikipedia.org/wiki/Dual_EC_DRBG: "The alleged NSA backdoor would allow the attacker to determine the internal state of the random number generator from looking at the output from a single round (32 bytes); all future output of the random number generator can then easily be calculated, until the CSPRNG is reseeded with an external source of randomness. This makes for example SSL/TLS vulnerable, since the setup of a TLS connection includes the sending of a randomly generated cryptographic nonce in the clear."

4
The encryption scheme is length-preserving: the size of the ciphertext equals the size of the plaintext.

5
Note: (1) many cloud storage providers offer a certain amount (e.g., 15 GB) of free storage to individual users; (2) the cost of offline local storage should include not only the hardware purchase cost but also hardware maintenance and storage cost (i.e., keeping the hard disk drive in a proper physical environment for a long time).

7
Actually, the motivation of this work is to provide an extremely secure (informally, close to a physically isolated network) communication method within the "virtually isolated network" [15]. Here we choose strong leakage resilience against a potential backdoor as our formal definition of "extremely secure".

8
Usually, it is assumed that the adversary has access to the ciphertext.

9
This unique value could be defined as the integer interval of minimum length satisfying some desired property.

10
For example, Apple's Fusion Drive.

13
Shannon entropy is information-theoretic; both Yao entropy and HILL entropy are computational variants.

14
When all random coins are treated as part of the input, any probabilistic algorithm becomes deterministic.

15
When all random coins are treated as part of the input, any probabilistic algorithm becomes deterministic.

16
When all random coins are treated as part of the input, any probabilistic algorithm becomes deterministic.

17
The reason behind the definition of \(\varsigma(\ell, \sigma)\) (i.e., Eq. 22) lies in our proof of Claim 1. Informally speaking, some steal algorithm \(\mathsf{S}(\ell)\) is able to convey almost \(\ell + 1\) bits of message to the \(\mathsf{R}\) algorithm, since \(|\{0,1\}^{\le \ell}| \approx |\{0,1\}^{\ell+1}|\). When the error bound \(\epsilon \ge 2^{-(\ell-1)}\), we do not care about the difference between such an "almost" \((\ell+1)\)-bit message and an actual \((\ell+1)\)-bit message.

18
We remark that some of the cited leakage-resilient cryptography works actually propose leakage-resilient pseudorandom generators/functions rather than an encryption scheme. These pseudorandom generators/functions can be converted into encryption schemes using classical methods, but the resulting encryption schemes are poor steal-resilient encryption schemes.

19
Whether the matrix row/column index starts at zero or one makes no essential difference to the properties of a Vandermonde matrix.
 
References
1.
Xu, J., Zhou, J.: Strong leakage resilient encryption by hiding partial ciphertext. In: Lecture Notes in Computer Science 11605, Proceedings of the 2019 International Workshop on Artificial Intelligence and Industrial Internet-of-Things Security (AIoTS'19), pp. 172–191
2.
Alwen, J., Dodis, Y., Wichs, D.: Survey: leakage resilience and the bounded retrieval model. In: Proceedings of the 4th International Conference on Information Theoretic Security, ICITS'09, pp. 1–18 (2010)
3.
Alwen, J., Dodis, Y., Wichs, D.: Leakage-resilient public-key cryptography in the bounded-retrieval model. In: Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '09, pp. 36–54. Springer, Berlin (2009). ISBN 978-3-642-03355-1. https://doi.org/10.1007/978-3-642-03356-8_3
4.
Di Crescenzo, G., Lipton, R., Walfish, S.: Perfectly secure password protocols in the bounded retrieval model. In: Proceedings of the Third Conference on Theory of Cryptography, TCC'06, pp. 225–244 (2006)
5.
Dziembowski, S.: Intrusion-resilience via the bounded-storage model. In: Proceedings of the Third Conference on Theory of Cryptography, TCC'06, pp. 207–224 (2006)
6.
Schwarz, M., Weiser, S., Gruss, D., Maurice, C., Mangard, S.: Malware guard extension: using SGX to conceal cache attacks. CoRR, abs/1702.08719 (2017). arXiv:1702.08719
7.
Pereira, O., Standaert, F.-X., Vivek, S.: Leakage-resilient authentication and encryption from symmetric cryptographic primitives. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS '15, pp. 96–108 (2015)
8.
Oswald, E., Stam, M., Barwell, G., Martin, D.P.: Authenticated encryption in the face of protocol and side channel leakage. In: Advances in Cryptology, ASIACRYPT 2017, pp. 693–723 (2017)
10.
Dziembowski, S., Faust, S., Standaert, F.-X.: Private circuits III: hardware trojan-resilience via testing amplification. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, CCS '16, pp. 142–153. ACM, New York, NY, USA (2016). ISBN 978-1-4503-4139-4. https://doi.org/10.1145/2976749.2978419
11.
Bronchain, O., Dassy, L., Faust, S., Standaert, F.-X.: Implementing trojan-resilient hardware from (mostly) untrusted components designed by colluding manufacturers. In: Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security, ASHES '18, pp. 1–10. ACM, New York, NY, USA (2018). ISBN 978-1-4503-5996-2. https://doi.org/10.1145/3266444.3266447
12.
Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (im)possibility of obfuscating programs. J. ACM 59(2), 6:1–6:48 (2012). ISSN 0004-5411
13.
Goldwasser, S., Kalai, Y.T.: On the impossibility of obfuscation with auxiliary input. In: Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science, FOCS '05, pp. 553–562 (2005)
15.
Xu, J., Zhou, J.: Virtually isolated network: a hybrid network to achieve high level security. In: Data and Applications Security and Privacy XXXII, DBSec '18, pp. 299–311 (2018)
16.
Micali, S., Reyzin, L.: Physically observable cryptography (extended abstract). In: Theory of Cryptography, First Theory of Cryptography Conference, TCC 2004, Cambridge, MA, USA, February 19–21, 2004, Proceedings, volume 2951 of Lecture Notes in Computer Science, pp. 278–296. Springer, Berlin (2004). https://doi.org/10.1007/978-3-540-24638-1_16
17.
Yao, A.C.-C.: Theory and applications of trapdoor functions. In: Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, FOCS '82, pp. 80–91 (1982)
18.
Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)
19.
Rabin, M.O.: Efficient dispersal of information for security, load balancing, and fault tolerance. J. ACM 36, 335–348 (1989)
20.
Rivest, R.L.: All-or-nothing encryption and the package transform. In: Proceedings of the 4th International Workshop on Fast Software Encryption, FSE '97, pp. 210–218 (1997)
21.
Canetti, R., Dodis, Y., Halevi, S., Kushilevitz, E., Sahai, A.: Exposure-resilient functions and all-or-nothing transforms. In: Proceedings of the 19th International Conference on Theory and Application of Cryptographic Techniques, EUROCRYPT'00, pp. 453–469 (2000)
22.
Daemen, J., Rijmen, V.: The Design of Rijndael: AES—The Advanced Encryption Standard (2002)
24.
McEliece, R.J., Sarwate, D.V.: On sharing secrets and Reed-Solomon codes. Commun. ACM 24(9), 583–584 (1981)
26.
Othman, B., Ben Othman, J., Mokdad, L.: Enhancing data security in Ad Hoc networks based on multipath routing. J. Parallel Distrib. Comput. 70, 309–316 (2010)
27.
Krawczyk, H.: Secret sharing made short. In: Proceedings of the 13th Annual International Cryptology Conference on Advances in Cryptology, CRYPTO '93, pp. 136–146 (1994)
28.
29.
Barak, B., Shaltiel, R., Wigderson, A.: Computational analogues of entropy. In: Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques, pp. 200–215 (2003)
30.
Hsiao, C.-Y., Lu, C.-J., Reyzin, L.: Conditional computational entropy, or toward separating pseudoentropy from compressibility. In: Proceedings of the 26th Annual International Conference on Advances in Cryptology, EUROCRYPT '07, pp. 169–186 (2007)
31.
Gabizon, A., Raz, R., Shaltiel, R.: Deterministic extractors for bit-fixing sources by obtaining an independent seed. SIAM J. Comput. 36(4), 1072–1094 (2006)
32.
Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science, FOCS '08, pp. 293–302. IEEE Computer Society, Washington, DC, USA (2008). ISBN 978-0-7695-3436-7. https://doi.org/10.1109/FOCS.2008.56
34.
Abdalla, M., Belaïd, S., Fouque, P.-A.: Leakage-resilient symmetric encryption via re-keying. In: Proceedings of the 15th International Conference on Cryptographic Hardware and Embedded Systems, CHES'13, pp. 471–488 (2013)
35.
Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Efficient public-key cryptography in the presence of key leakage. In: Advances in Cryptology, ASIACRYPT '10, pp. 613–631 (2010)
36.
Yu, Y., Standaert, F.-X., Pereira, O., Yung, M.: Practical leakage-resilient pseudorandom generators. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS '10, pp. 141–151. ACM, New York, NY, USA (2010). ISBN 978-1-4503-0245-6. https://doi.org/10.1145/1866307.1866324
Metadata
Title
Strong leakage-resilient encryption: enhancing data confidentiality by hiding partial ciphertext
Authors
Jia Xu
Jianying Zhou
Publication date
12.02.2020
Publisher
Springer Berlin Heidelberg
Published in
International Journal of Information Security / Issue 2/2021
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI
https://doi.org/10.1007/s10207-020-00487-7
