Input-shrinking functions: theory and application

In this thesis, we contribute to the emerging field of the Leakage-Resilient Cryptography by studying the problem of secure data storage on hardware that may leak information, introducing a new primitive, a leakage-resilient storage, and showing two different constructions of such storage scheme provably secure against a class of leakage functions that can depend only on some restricted part of the memory and against a class of computationally weak leakage functions, e.g. functions computable by small circuits, respectively. Our results come with instantiations and analysis of concrete parameters. Furthermore, as second contribution, we present our implementation in C programming language, using the cryptographic library of the OpenSSL project, of a two-party Authenticated Key Exchange (AKE) protocol, which allows a client and a server, who share a huge secret file, to securely compute a shared key, providing client-to-server authentication, also in the presence of active attackers. Following the work of Cash et al. (TCC 2007), we based our construction on a Weak Key Exchange (WKE) protocol, developed in the BRM, and a Password-based Authenticated Key Exchange (PAKE) protocol secure in the Universally Composable (UC) framework. The WKE protocol showed by Cash et al. uses an explicit construction of averaging sampler, which uses less random bits than the random choice but does not seem to be efficiently implementable in practice. In this thesis, we propose a WKE protocol similar but simpler than that one of Cash et al.: our protocol uses more randomness than the Cash et al.'s one, as it simply uses random choice instead of averaging sampler, but we are able to show an efficient implementation of it. Moreover, we formally adapt the security analysis of the WKE protocol of Cash et al. to our WKE protocol. To complete our AKE protocol, we implement the PAKE protocol showed secure in the UC framework by Abdalla et al. (CT-RSA 2008), which is more efficient than the Canetti et al.'s UC-PAKE protocol (EuroCrypt 2005) used in Cash et al.'s work. In our implementation of the WKE protocol, to achieve small constant communication complexity and amount of randomness, we rely on the Random Oracle (RO) model. However, we would like to note that in our implementation of the AKE protocol we need also a UC-PAKE protocol which already relies on RO, as it is impossible to achieve UC-PAKE in the standard model. In our work we focus not only on the theoretical aspects of the area, providing formal models and proofs, but also on the practical ones, analyzing instantiations, concrete parameters and implementation of the proposed solutions, to contribute to bridge the gap between theory and practice in this field

Leakage-resilient biometric-based remote user authentication with fuzzy extractors

National Research Foundation (NRF) Singapor

Secure data storage and retrieval in cloud computing

Nowadays cloud computing has been widely recognised as one of the most inuential information technologies because of its unprecedented advantages. In spite of its widely recognised social and economic benefits, in cloud computing customers lose the direct control of their data and completely rely on the cloud to manage their data and computation, which raises significant security and privacy concerns and is one of the major barriers to the adoption of public cloud by many organisations and individuals. Therefore, it is desirable to apply practical security approaches to address the security risks for the wide adoption of cloud computing

Standard Model Leakage-Resilient Authenticated Key Exchange using Inner-product Extractors

With the development of side-channel attacks, a necessity arises to invent authenticated key exchange protocols in a leakage-resilient manner. Constructing authenticated key exchange protocols using existing cryptographic schemes is an effective method, as such construction can be instantiated with any appropriate scheme in a way that the formal security argument remains valid. In parallel, constructing authenticated key exchange protocols that are proven to be secure in the standard model is more preferred as they rely on real-world assumptions. In this paper, we present a Diffie-Hellman-style construction of a leakage-resilient authenticated key exchange protocol, that can be instantiated with any CCLA2-secure public-key encryption scheme and a function from the pseudo-random function family. Our protocol is proven to be secure in the standard model assuming the hardness of the decisional Diffie-Hellman problem. Furthermore, it is resilient to continuous partial leakage of long-term secret keys, that happens even after the session key is established, while satisfying the security features defined by the eCK security model

Deniable Key Establishment Resistance against eKCI Attacks

In extended Key Compromise Impersonation (eKCI) attack against authenticated key establishment (AKE) protocols the adversary impersonates one party, having the long term key and the ephemeral key of the other peer party. Such an attack can be mounted against variety of AKE protocols, including 3-pass HMQV. An intuitive countermeasure, based on BLS (Boneh–Lynn–Shacham) signatures, for strengthening HMQV was proposed in literature. The original HMQV protocol fulfills the deniability property: a party can deny its participation in the protocol execution, as the peer party can create a fake protocol transcript indistinguishable from the real one. Unfortunately, the modified BLS based version of HMQV is not deniable. In this paper we propose a method for converting HMQV (and similar AKE protocols) into a protocol resistant to eKCI attacks but without losing the original deniability property. For that purpose, instead of the undeniable BLS, we use a modification of Schnorr authentication protocol, which is deniable and immune to ephemeral key leakages

Efficient public-key cryptography with bounded leakage and tamper resilience

We revisit the question of constructing public-key encryption and signature schemes with security in the presence of bounded leakage and tampering memory attacks. For signatures we obtain the first construction in the standard model; for public-key encryption we obtain the first construction free of pairing (avoiding non-interactive zero-knowledge proofs). Our constructions are based on generic building blocks, and, as we show, also admit efficient instantiations under fairly standard number-theoretic assumptions. The model of bounded tamper resistance was recently put forward by Damgård et al. (Asiacrypt 2013) as an attractive path to achieve security against arbitrary memory tampering attacks without making hardware assumptions (such as the existence of a protected self-destruct or key-update mechanism), the only restriction being on the number of allowed tampering attempts (which is a parameter of the scheme). This allows to circumvent known impossibility results for unrestricted tampering (Gennaro et al., TCC 2010), while still being able to capture realistic tampering attack

New Approach to Practical Leakage-Resilient Public-Key Cryptography

We present a new approach to construct several leakage-resilient cryptographic primitives, including leakage-resilient public-key encryption (PKE) schemes, authenticated key exchange (AKE) protocols and low-latency key exchange (LLKE) protocols. To this end, we introduce a new primitive called leakage-resilient non-interactive key exchange (LR-NIKE) protocol. We introduce a generic security model for LR-NIKE protocols, which can be instantiated in both the bounded and continuous-memory leakage ((B/C)-ML) settings. We then show a secure construction of LR-NIKE protocol in the bounded- memory leakage (BML) setting, that achieves an optimal leakage rate, i.e., 1-o(1). Finally, we show how to construct the aforementioned leakage-resilient primitives from such a LR-NIKE protocol as summarized below. All the primitives also achieve the same (optimal) leakage rate as the underlying LR-NIKE protocol. We show how to construct a leakage-resilient IND-CCA-2-secure PKE scheme in the BML model generically from a LR-NIKE protocol. Our construction differs from the state-of-the-art constructions of leakage-resilient IND-CCA-2-secure PKE schemes, which use hash proof techniques to achieve leakage-resilience. Moreover, our transformation preserves the leakage-rate of the underlying LR- NIKE and admits more efficient construction than previous such PKE constructions. We introduce a new leakage model for AKE protocols, in the BML setting. We show how to construct a leakage-resilient AKE protocol starting from LR-NIKE protocol. We introduce the first-ever leakage model for LLKE protocols in the BML setting, and the first construction of such a leakage-resilient LLKE from LR-NIKE protocol

Cryptographic techniques for hardware security

Traditionally, cryptographic algorithms are designed under the so-called black-box model, which considers adversaries that receive black-box access to the hardware implementation. Although a "black-box" treatment covers a wide range of attacks, it fails to capture reality adequately, as real-world adversaries can exploit physical properties of the implementation, mounting attacks that enable unexpected, non-black-box access, to the components of the cryptographic system. This type of attacks is widely known as physical attacks, and has proven to be a significant threat to the real-world security of cryptographic systems. The present dissertation is (partially) dealing with the problem of protecting cryptographic memory against physical attacks, via the use of non-malleable codes, which is a notion introduced in a preceding work, aiming to provide privacy of the encoded data, in the presence of adversarial faults. In the present thesis we improve the current state-of-the-art on non-malleable codes and we provide practical solutions for protecting real-world cryptographic implementations against physical attacks. Our study is primarily focusing on the following adversarial models: (i) the extensively studied split-state model, which assumes that private memory splits into two parts, and the adversary tampers with each part, independently, and (ii) the model of partial functions, which is introduced by the current thesis, and models adversaries that access arbitrary subsets of codeword locations, with bounded cardinality. Our study is comprehensive, covering one-time and continuous, attacks, while for the case of partial functions, we manage to achieve a stronger notion of security, that we call non-malleability with manipulation detection, that in addition to privacy, it also guarantees integrity of the private data. It should be noted that, our techniques are also useful for the problem of establishing, private, keyless communication, over adversarial communication channels. Besides physical attacks, another important concern related to cryptographic hardware security, is that the hardware fabrication process is assumed to be trusted. In reality though, when aiming to minimize the production costs, or whenever access to leading-edge manufacturing facilities is required, the fabrication process requires the involvement of several, potentially malicious, facilities. Consequently, cryptographic hardware is susceptible to the so-called hardware Trojans, which are hardware components that are maliciously implanted to the original circuitry, having as a purpose to alter the device's functionality, while remaining undetected. Part of the present dissertation, deals with the problem of protecting cryptographic hardware against Trojan injection attacks, by (i) proposing a formal model for assessing the security of cryptographic hardware, whose production has been partially outsourced to a set of untrusted, and possibly malicious, manufacturers, and (ii) by proposing a compiler that transforms any cryptographic circuit, into another, that can be securely outsourced

A Pairing-Free, One Round Identity Based Authenticated Key Exchange Protocol Secure Against Memory-Scrapers

Security of a key exchange protocol is formally established through an abstract game between a challenger and an adversary. In this game the adversary can get various information which are modeled by giving the adversary access to appropriate oracle queries. Empowered with all these information, the adversary will try to break the protocol. This is modeled by a test query which asks the adversary to distinguish between a session key of a fresh session from a random session key; properly guessing which correctly leads the adversary to win the game. In this traditional model of security the adversary sees nothing apart from the input/ output relationship of the algorithms. However, in recent past an adversary could obtain several additional information beyond what he gets to learn in these black box models of computation, thanks to the availability of powerful malwares. This data exfiltration due to the attacks of Memory Scraper/Ram-Scraper-type malwares is an emerging threat. In order to realistically capture these advanced classes of threats posed by such malwares we propose a new security model for identity-based authenticated key exchange (ID-AKE) which we call the Identity based Strong Extended Canetti Krawzyck (ID-seCK) model. Our security model captures leakages of intermediate values by appropriate oracle queries given to the adversary. Following this, we propose a round optimal (i.e., single round) ID-AKE protocol for two-party settings. Our design assumes a hybrid system equipped with a bare minimal Trusted Platform Module (TPM) that can only perform group exponentiations. One of the major advantages of our construction is that it does not involve any pairing operations, works in prime order group and have a tight security reduction to the Gap Diffie Hellman (GDH) problem under our new ID-seCK model. Our scheme also has the capability to handle active adversaries while most of the previous ID-AKE protocols are secure only against passive adversaries. The security of our protocol is proved in the Random Oracle (RO) model

Privacy-preserving biometric-based remote user authentication with leakage resilience

National Research Foundation (NRF) Singapor