Implementation and Evaluation of a Leakage-Resilient ElGamal KEM

David Galindo (1,2), Johann Großschädl (3), Zhe Liu (3), Praveen K. Vadnala (3), Srinivas Vivek (3)
(1) CNRS/Loria, France
(2) SCYTL Secure Electronic Voting, Spain
(3) University of Luxembourg

PROOFS 2014

David Galindo – SCYTL Secure Electronic Voting        Evaluation of a Leakage-Resilient ElGamal KEM
Side-Channel Attacks

Use data leaked due to the physical nature of computation:
  - running time
  - power consumption
  - electromagnetic-radiation leak
  - acoustic emanation
  - photon emissions
  - ground electric potential
  - fault attacks
Side-Channel Attacks Countermeasures

SCA countermeasures:
  - Aimed at specific attacks
  - Concrete implementations
  - Leakage model meaningful
  - Reasonably practical SCA-resistant primitives

SCA flow (the slide's figure, rendered as text):
  the input message $T$ and the secret key $K^\star$ feed the target computation;
  the leakage model describes the leaked function $f(K^\star, T)$;
  the actual leakage is $X \approx \phi(K^\star, T) + N$, with $\phi$ the leakage function and $N$ the noise;
  a distinguisher $D$ decides attack/non-attack and outputs the key guess $\hat{K} = D(X, T)$.

However... a new attack $(\phi, N, D)$ might be discovered.
  - Endless? cat-and-mouse game
  - security?
SCA Countermeasures vs. Leakage-Resilient Cryptography

  SCA countermeasures                                  Leakage-Resilient Crypto
  - Aimed at specific attacks                          - Aimed at generic attacks
  - Concrete implementations                           - No implementations
  - Leakage model meaningful                           - Leakage model generic
  - Reasonably practical SCA-resistant primitives      - Not practical
  - A new attack $(\phi, N, D)$ might be discovered:   - Security reduction
    endless? cat-and-mouse game
Meaningful Leakage-Resilient Cryptography

  - Aimed at general attacks
  - Leakage model meaningful
  - Reasonably practical SCA-resistant primitives
  - Security reduction
  - Concrete implementations

In this work we take a step forward towards this goal.
Our contribution

  - A more reasonable leakage modeling
  - We depart from an existing practical ElGamal KEM and modify it using practical motivations
  - We use the theory and practice of SCA to argue that it potentially meets the leakage bound
  - We implement the scheme on an ARM Cortex-M3 processor
Stateful Key Encapsulation Mechanisms

A stateful KEM scheme $\Pi = (\mathrm{KeyGen}, \mathrm{Enc}, \mathrm{Dec}_1, \mathrm{Dec}_2)$ consists of efficient algorithms:
  - $\mathrm{KeyGen}(1^\kappa)$ outputs $\bigl(pk, (sk_0, sk'_0)\bigr)$
  - $\mathrm{Enc}(pk)$ outputs $(K, C)$
  - $\mathrm{Dec}_1(sk_{i-1}, C)$ updates $sk_{i-1}$ to $sk_i$ and outputs intermediate state $w_i$
  - $\mathrm{Dec}_2(sk'_{i-1}, w_i)$ updates $sk'_{i-1}$ to $sk'_i$ and outputs key $K$ or $\bot$
ElGamal KEM with Multiplicative Masking

  $\mathrm{KG}(\kappa)$: choose $x, t_0 \xleftarrow{\$} \mathbb{Z}_q$. Set $X = g^x$, $sk_0 = t_0$, $sk'_0 = x / t_0$. Return $\bigl(X, (sk_0, sk'_0)\bigr)$.
  $\mathrm{Enc}(pk)$: choose $r \xleftarrow{\$} \mathbb{Z}_q$. Compute $C = g^r$ and $K = X^r$; return $(C, K)$.
  $\mathrm{Dec1}(sk_{i-1}, C)$: pick $t_i \xleftarrow{\$} \mathbb{Z}_q$, set $sk_i = sk_{i-1} \cdot t_i$, $Y_i = C^{sk_i}$. Return $(t_i, Y_i)$.
  $\mathrm{Dec2}(sk'_{i-1}, (t_i, Y_i), C)$: set $sk'_i = sk'_{i-1} \cdot t_i^{-1}$, and return $K = Y_i^{sk'_i}$.
CCA1 with Leakage – Stateful KEM

We consider chosen-ciphertext and leakage security against lunch-time attacks (CCLA1).

CCLA1 Experiment $\mathrm{KEM\text{-}CCLA1}_{\mathrm{KEM}}(A, \kappa, \lambda)$:
  $\bigl(pk, (sk_0, sk'_0)\bigr) \leftarrow \mathrm{KG}^*(\kappa, \lambda)$
  $w \leftarrow A^{O_{\mathrm{CCLA1}}(\cdot)}(pk)$
  $b \xleftarrow{\$} \{0, 1\}$
  $(C^*, K_0) \leftarrow \mathrm{Enc}^*(pk)$
  $K_1 \xleftarrow{\$} \mathcal{K}$ (the key space)
  $b' \leftarrow A(w, C^*, K_b)$

KEM-Leak-Oracle $O_{\mathrm{CCLA1}}(C, f_i, h_i)$:
  $(sk_i, w_i) \leftarrow \mathrm{Dec1}^*(sk_{i-1}, C)$, using randomness $r_i$
  $(sk'_i, K) \leftarrow \mathrm{Dec2}^*(sk'_{i-1}, w_i)$, using randomness $r'_i$
  $\Lambda_i := f_i(sk_{i-1}, r_i)$
  $\Lambda'_i := h_i(sk'_{i-1}, r'_i, w_i)$
  $i := i + 1$
  Return $(K, \Lambda_i, \Lambda'_i)$

Restriction on leakage functions $f_i, h_i$:
  $\tilde{H}_\infty\bigl(t \mid f_i(\sigma_{i-1}, r_i)\bigr) \ge H_\infty(t) - \lambda \quad \forall\, t \in \sigma_{i-1} \cup r_i$,
  $\tilde{H}_\infty\bigl(t \mid h_i(\sigma'_{i-1}, r'_i, w_i)\bigr) \ge H_\infty(t) - \lambda \quad \forall\, t \in \sigma'_{i-1} \cup r'_i \cup w_i$.
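The two preceding slides (the multiplicatively masked ElGamal KEM and the CCLA1 leakage oracle) are exercised together in the following Python program. It is an added example, not code from the talk or its authors' ARM implementation: the group parameters (q = 1019, p = 2q + 1) are constructed toy values with no security, Dec1 takes its randomness t_i as an explicit argument so the oracle can hand r_i to f_i, and the λ-bit restriction is enforced as an output-length check, which is the usual sufficient condition for the min-entropy bound on the slide rather than the bound itself. The demo verifies that the key recovered through the oracle matches the encapsulated key, that the share invariant sk_i · sk'_i = x survives every refresh, and that an over-long leakage function is refused.

```python
import secrets

# Constructed toy parameters (not from the slides, no security): q = 1019 and
# p = 2q + 1 = 2039 are both prime, so Z_p^* has a subgroup of prime order q;
# G = 2^2 mod p is a quadratic residue other than 1 and therefore generates it.
P, Q = 2039, 1019
G = pow(2, 2, P)
assert pow(G, Q, P) == 1 and G != 1


def rand_zq():
    """Uniform non-zero element of Z_q (non-zero so every share stays invertible)."""
    return secrets.randbelow(Q - 1) + 1


def keygen():
    """KG: X = g^x, sk_0 = t_0, sk'_0 = x / t_0, so sk_0 * sk'_0 = x (mod q).
    x is returned as a third value purely so the demo can check the invariant."""
    x, t0 = rand_zq(), rand_zq()
    X = pow(G, x, P)
    return X, (t0, x * pow(t0, -1, Q) % Q), x


def enc(X):
    """Enc: C = g^r, K = X^r."""
    r = rand_zq()
    return pow(G, r, P), pow(X, r, P)


def dec1(sk_prev, C, t):
    """Dec1 with its randomness t_i explicit: sk_i = sk_{i-1} * t_i, Y_i = C^{sk_i}."""
    sk = sk_prev * t % Q
    return sk, (t, pow(C, sk, P))


def dec2(skp_prev, w):
    """Dec2: sk'_i = sk'_{i-1} * t_i^{-1}, K = Y_i^{sk'_i} = C^{sk_i * sk'_i} = C^x."""
    t, Y = w
    skp = skp_prev * pow(t, -1, Q) % Q
    return skp, pow(Y, skp, P)


class LeakageOracle:
    """O_CCLA1(C, f_i, h_i): run both decapsulation halves, refresh the shares and
    return the key together with the adversary's leakage on each half.  The
    lambda-bit bound is enforced as an output-length check (assumption: a
    sufficient condition for the slide's min-entropy restriction)."""

    def __init__(self, sk0, sk0p, lam):
        self.sk, self.skp, self.lam, self.i = sk0, sk0p, lam, 1

    def query(self, C, f, h):
        r_i = rand_zq()                            # Dec1's randomness r_i = t_i
        sk_new, w = dec1(self.sk, C, r_i)
        skp_new, K = dec2(self.skp, w)             # Dec2 is deterministic: r'_i is empty
        leak_f = f(self.sk, r_i)                   # f_i sees sk_{i-1} and r_i only
        leak_h = h(self.skp, None, w)              # h_i sees sk'_{i-1}, r'_i and w_i
        for leak in (leak_f, leak_h):
            if leak.bit_length() > self.lam:
                raise ValueError("leakage function exceeds the %d-bit bound" % self.lam)
        self.sk, self.skp, self.i = sk_new, skp_new, self.i + 1   # refresh only after the checks
        return K, leak_f, leak_h


def run_demo(queries=5, lam=8):
    """Drive the oracle with leakage functions that reveal the low lambda bits of
    each share, then try one that reveals a whole share and must be refused."""
    X, (sk0, sk0p), x = keygen()
    oracle = LeakageOracle(sk0, sk0p, lam)
    low_bits = lambda v: v & ((1 << lam) - 1)
    keys_match = invariant = True
    for _ in range(queries):
        C, K_enc = enc(X)
        K, _, _ = oracle.query(C, lambda sk, r: low_bits(sk), lambda skp, r, w: low_bits(skp))
        keys_match &= (K == K_enc)
        invariant &= (oracle.sk * oracle.skp % Q == x)   # sk_i * sk'_i = x after every refresh
    try:   # packs sk_{i-1} and r_i in full: always more than log q > lambda bits
        oracle.query(enc(X)[0], lambda sk, r: (sk << Q.bit_length()) | r,
                     lambda skp, r, w: low_bits(skp))
        rejected = False
    except ValueError:
        rejected = True
    return {"keys_match": keys_match, "invariant": invariant, "rejected_oversized": rejected}


if __name__ == "__main__":
    print(run_demo())
```

Note what the oracle does not do: it never returns the shares themselves, and the refresh happens inside the oracle, so each query's leakage is on a different (sk_{i-1}, sk'_{i-1}) pair; that is what the per-share λ bound on the slide is about, and why the slide still asks whether such leakage composes across queries.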
Leakage-Resilience of ElGamal KEM

  - The state of the art does not allow one to give a security reduction with leakage
  - If $f_i, h_i$ leak $\lambda \ge \tfrac{3}{8} \log q$ bits of each share of the secret key, then there exists a heuristic attack [Galindo-Vivek, IPL 2014]
  - Probably due to the fact that any exponentiation algorithm inherently leaks information about the exponent

Idea! Avoid placing secret data on your exponentiations' exponents...
Asymmetric Pairings

Let $G_1, G_2, G_T$ be groups of prime order $q$, with $G_1 = \langle g \rangle$ and $G_2 = \langle G \rangle$.
Pairing $e : G_1 \times G_2 \to G_T$:
  - bilinear: $e(g^a, G^b) = e(g, G)^{ab}$, $\forall\, a, b \in \mathbb{Z}$
  - non-degenerate: $G_T = \langle e(g, G) \rangle$
Pairing-Based Stateful ElGamal KEM (Asiacrypt 2010)

  $\mathrm{KG}(\kappa)$: choose $x, t_0 \xleftarrow{\$} \mathbb{Z}_q$. Set $X = g^x$, $sk_0 = g^{t_0}$, $sk'_0 = g^{x - t_0}$, and $X_T = e(X, G)$. Return $\bigl(X_T, (sk_0, sk'_0)\bigr)$.
  $\mathrm{Enc}(pk)$: choose $r \xleftarrow{\$} \mathbb{Z}_q$. Compute $C = G^r$ and $K = X_T^r$; return $(C, K)$.
  $\mathrm{Dec1}(C, sk_{i-1})$: pick $t_i \xleftarrow{\$} \mathbb{Z}_q$, set $sk_i = sk_{i-1} \cdot g^{t_i}$, $Y_i = e(sk_i, C)$. Return $(t_i, Y_i)$.
  $\mathrm{Dec2}(sk'_{i-1}, (t_i, Y_i), C)$: set $sk'_i = sk'_{i-1} \cdot g^{-t_i}$, and $Y'_i = e(sk'_i, C)$. Return $K = Y_i \cdot Y'_i \in G_T$.
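The point of the pairing-based variant is the "Idea!" from two slides back: the secret shares are group elements, the only exponents used during decapsulation are the fresh t_i and −t_i, and bilinearity reassembles K in G_T. The Python program below is an added example (not the talk's code) that makes this visible by writing the scheme against a tiny bilinear-group interface and recording every exponent handed to an exponentiation. The group instance is a constructed toy: G_1 = G_2 = G_T = (Z_q, +) with generators g = G = 1 and e(a, b) = a·b mod q, which is bilinear and non-degenerate but has trivial discrete logarithms, so it demonstrates the scheme's structure and correctness only; a real deployment would plug a genuine asymmetric pairing behind the same four operations.

```python
import secrets

# Constructed toy bilinear group (assumption, no security): G_1 = G_2 = G_T = (Z_q, +),
# generators g = G = 1, pairing e(a, b) = a * b mod q.  "Exponentiation" is scalar
# multiplication and the group operation is addition; the scheme code below never
# looks inside the group, so only this class is toy.
Q = 1019


class ToyPairingGroup:
    def __init__(self):
        self.g, self.G = 1, 1          # generators of G_1 and G_2
        self.exponents_used = []       # every exponent passed to pow(), in order

    def pow(self, base, exp):          # base^exp (scalar multiplication here)
        self.exponents_used.append(exp % Q)
        return base * exp % Q

    def mul(self, a, b):               # group operation in G_1, G_2 or G_T
        return (a + b) % Q

    def pair(self, a, b):              # e : G_1 x G_2 -> G_T (bilinear in both arguments)
        return a * b % Q


def rand_zq():
    return secrets.randbelow(Q)


def keygen(grp):
    """KG: X = g^x, sk_0 = g^{t_0}, sk'_0 = g^{x - t_0}, X_T = e(X, G).
    X is returned as a third value only so the demo can check sk_i * sk'_i = g^x."""
    x, t0 = rand_zq(), rand_zq()
    X = grp.pow(grp.g, x)              # the one place x sits in an exponent: offline key generation
    sk0 = grp.pow(grp.g, t0)
    sk0p = grp.pow(grp.g, (x - t0) % Q)
    return grp.pair(X, grp.G), (sk0, sk0p), X


def enc(grp, XT):
    """Enc: C = G^r, K = X_T^r."""
    r = rand_zq()
    return grp.pow(grp.G, r), grp.pow(XT, r)


def dec1(grp, C, sk_prev, t):
    """Dec1 with t_i explicit: sk_i = sk_{i-1} * g^{t_i}, Y_i = e(sk_i, C).  The share is a base, never an exponent."""
    sk = grp.mul(sk_prev, grp.pow(grp.g, t))
    return sk, (t, grp.pair(sk, C))


def dec2(grp, skp_prev, w, C):
    """Dec2: sk'_i = sk'_{i-1} * g^{-t_i}, Y'_i = e(sk'_i, C), K = Y_i * Y'_i = e(g^x, C)."""
    t, Y = w
    skp = grp.mul(skp_prev, grp.pow(grp.g, (-t) % Q))
    return skp, grp.mul(Y, grp.pair(skp, C))


def run_demo(queries=5):
    """Run several decapsulations and report: keys agree with Enc, the shares always
    multiply to g^x, and the decapsulation-phase exponents are exactly t_i, -t_i."""
    grp = ToyPairingGroup()
    XT, (sk, skp), X = keygen(grp)
    keys_match = invariant = True
    dec_exps, expected_exps = [], []
    for _ in range(queries):
        C, K_enc = enc(grp, XT)
        t = rand_zq()
        before = len(grp.exponents_used)           # skip the exponents used by KG and Enc
        sk, w = dec1(grp, C, sk, t)
        skp, K = dec2(grp, skp, w, C)
        dec_exps += grp.exponents_used[before:]
        expected_exps += [t, (-t) % Q]
        keys_match &= (K == K_enc)
        invariant &= (grp.mul(sk, skp) == X)       # sk_i * sk'_i = g^x after every refresh
    return {"keys_match": keys_match, "invariant": invariant,
            "dec_exponents_fresh_only": dec_exps == expected_exps}


if __name__ == "__main__":
    print(run_demo())
```

Contrast this with the multiplicatively masked scheme, where Dec1 computes C^{sk_i} and Dec2 computes Y_i^{sk'_i}: there the recorded decapsulation exponents would be the shares themselves, which is exactly the data the exponentiation-leakage argument on the previous slide says a side channel can recover.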