Controlled secret leakage

Privacy is the claim of individuals, groups and institutions to determine for themselves, when, how and to what extent information about them is communicated to others. How to leak authoritative secrets in an elegant way? The paper aims to solve this problem. The desired security properties i.e. Semantic-Security; Recipient-Designation; Verification-Dependence; Designated-Verifier Signature- Verifiability; Public Signature-Verifiability; Recipient- Ambiguity; Designated-Verifier Recipient-Verifiability; Public Recipient-Verifiability; Signer-Ambiguity; Signer- Verifiability are specified in secret leakage. Based on Chow- Yiu-Hui’s ID-based ring signature scheme and techniques of zero-knowledge proof, an ID-based controlled secret leakage scheme is proposed. The proposed scheme satisfies all specified security properties and can be used in trust negotiation

Controlled secret leakage

How to leak authoritative secrets in an elegant way? The paper aims to solve this problem. The desired security properties i.e. Semantic-Security; Recipient-Designation; Verification-Dependence; Designated-Verifier Signature-Verifiability; Public Signature-Verifiability; Recipient-Ambiguity; Designated-Verifier Recipient-Verifiability; Public Recipient-Verifiability; Signer-Ambiguity; Signer- Verifiability are specified in secret leakage. Based on Chow-Yiu-Hui's ID-based ring signature scheme and techniques of zero-knowledge proof, an ID-based controlled secret leakage scheme is proposed. The proposed scheme satisfies all specified security properties and can be used in trust negotiation

Similar operation template attack on RSA-CRT as a case study

A template attack, the most powerful side-channel attack methods, usually first builds the leakage profiles from a controlled profiling device, and then uses these profiles to recover the secret of the target device. It is based on the fact that the profiling device shares similar leakage characteristics with the target device. In this study, we focus on the similar operations in a single device and propose a new variant of the template attack, called the similar operation template attack (SOTA). SOTA builds the models on public variables (e.g., input/output) and recovers the values of the secret variables that leak similar to the public variables. SOTA’s advantage is that it can avoid the requirement of an additional profiling device. In this study, the proposed SOTA method is applied to a straightforward RSA-CRT implementation. Because the leakage is (almost) the same in similar operations, we reduce the security of RSA-CRT to a hidden multiplier problem (HMP) over GF(q), which can be solved byte-wise using our proposed heuristic algorithm. The effectiveness of our proposed method is verified as an entire prime recovery procedure in a practical leakage scenario

Differentially Private Secure Multiplication: Hiding Information in the Rubble of Noise

We consider the problem of private distributed multi-party multiplication. It is well-established that Shamir secret-sharing coding strategies can enable perfect information-theoretic privacy in distributed computation via the celebrated algorithm of Ben Or, Goldwasser and Wigderson (the "BGW algorithm"). However, perfect privacy and accuracy require an honest majority, that is, $N \geq 2t+1$ compute nodes are required to ensure privacy against any $t$ colluding adversarial nodes. By allowing for some controlled amount of information leakage and approximate multiplication instead of exact multiplication, we study coding schemes for the setting where the number of honest nodes can be a minority, that is $N< 2t+1.$ We develop a tight characterization privacy-accuracy trade-off for cases where $N < 2t+1$ by measuring information leakage using {differential} privacy instead of perfect privacy, and using the mean squared error metric for accuracy. A novel technical aspect is an intricately layered noise distribution that merges ideas from differential privacy and Shamir secret-sharing at different layers.Comment: Extended version of papers presented in IEEE ISIT 2022, IEEE ISIT 2023 and TPDP 202