Input-shrinking functions: theory and application
PhD candidate: Francesco Davì
Thesis committee: Dr. Stefan Dziembowski (advisor), Prof. Luigi Vincenzo Mancini, Prof. Alessandro Mei
Reviewers: Prof. Mirosław Kutiłowski, Dr. Ivan Visconti
Rome, 02/03/2012, Computer Science Department, Sapienza University of Rome

PhD Activity
Cryptography on Non-Trusted Machines project.
F. Davì, S. Dziembowski and D. Venturi: Leakage-Resilient Storage. In J. Garay and R. De Prisco (eds.), Seventh Conference on Security and Cryptography for Networks (SCN 2010), LNCS 6280, Springer 2010.

Conferences, workshops and schools
- Seventh Conference on Security and Cryptography for Networks (SCN 2010), Amalfi, September 2010
- Workshop on Provable Security against Physical Attacks, Leiden, February 2010
- Theory of Cryptography Conference (TCC 2010), Zurich, 9-11 February 2010
- Summer School on Provable Security, Barcelona, 7-11 September 2009
- Bertinoro International Spring School (BiSS 2009), Bertinoro, 2-6 March 2009
- Berlin-Poznan Seminar / ASZ Workshop 2008, Humboldt-Universität, Berlin, June 2008

Experiences abroad
- May - July 2011: visiting student, Cryptography and Data Security Group, Uniwersytet Warszawski, Warsaw, Poland
- May - June 2008: Methods for Discrete Structures (Pre)Doc-Course 2008 on Random and Quasirandom Graphs, Humboldt-Universität, Berlin, Germany

Outline
1. Introduction and Motivations
2. Leakage-Resilient Storage
3. Authenticated Key Exchange protocol in the Bounded-Retrieval Model
Cryptography
Design of secure cryptographic schemes: for a long time this was based mostly on intuition and experience, and the resulting solutions were often broken in a short time.

Provable security (1/2)
- Formal definition of security and of the adversarial model
- Formal proof of security: no adversary (within the model) can break the scheme
- Flavours of security:
  - Information-theoretic (computationally unbounded adversary)
  - Standard model (reduction from a hard problem)
  - Random Oracle Model (cryptographic hash functions modelled as random oracles)

Provable security (2/2)
- Security against every attack captured by the model, including attacks not yet known
- The field developed very fast and produced a large number of provably secure schemes

Problem
Once implemented, some of these schemes were broken! It is easy to step outside the security model: a real implementation leaks information that the model does not account for.
Black-box model
The adversary chooses an input X and receives the output Y of the cryptosystem (CRYPTO); she obtains no information about its internal state.

Information leakage
On a real machine (PC, smartcard, ...) the adversary chooses X and receives Y together with some leakage λ: during the execution she can measure power consumption, electromagnetic radiation, timing and sound (side-channel attacks). Even partial leakage can suffice to completely break a scheme.

Side-channel attacks
- Exploit physical measurements on real devices
- Practitioners find countermeasures (and new attacks), mostly ad hoc and often without a formal proof of security; such countermeasures cannot provide security against all possible attacks
- Recent trend: extend the realm of provable security to cover leakage

Leakage-Resilient Cryptography
Design protocols that remain secure even when implemented on machines that may leak information.
Leakage-Resilient Cryptography: The Models
Model                    | Leakage assumption                                                                 | References
Continual leakage        | Only computation leaks; total leakage unbounded                                    | MR04, DP08, Pie09, FKPR10, FRRTV10, GR10, JV10, DP10, KP10, DF11
Bounded memory-leakage   | All the memory leaks; total leakage bounded                                        | ISW03, IPSW06, AGV09, ADW09, KV09, NS09, DHLW10, BG10, GKPV10, ADNSWW10, DDV10
Auxiliary input          | All the memory leaks; computationally hard to recover the secret from the leakage  | DKL09, DGKPV10
Continual memory-leakage | All the memory leaks; total leakage unbounded                                      | BKKV10, DHLW10, BSW11, LRW11, LLW11, DLWW11

Leakage model
The adversary is allowed to learn (adaptively) the values of leakage functions of her choice, applied to the internal state of the cryptographic scheme.
Examples of assumptions (1/2)
- Bounded-Retrieval Model: the adversary learns Λ(S) for an input-shrinking function Λ of her choice applied to the whole state S (the output is much shorter than S)
- "Memory Attacks" [AGV09]: likewise, Λ(S) for an input-shrinking Λ
- "Probing Attacks" [ISW03]: the scheme is a Boolean circuit and the adversary can learn the values carried by up to t wires

Examples of assumptions (2/2)
- [FRRTV10, DDV10]: the adversary learns Λ(S) for an input-shrinking function Λ of low complexity
- [MR04, DP08, DDV10]: the state is split into two parts S0 and S1 stored separately; the adversary learns Λ(S0) and Λ(S1) for input-shrinking functions Λ applied to each part on its own (no single function sees both parts)

General goal
Design models that are realistic (i.e. they correspond to real-life adversaries) and still allow one to construct secure schemes; there is a tradeoff between the two.
Outline, part 2: Leakage-Resilient Storage
Contribution: Leakage-Resilient Storage
An encoding scheme to securely store data on hardware that may leak information.
PROS: information-theoretic solution (no computational assumption)
CONS: the analysis of concrete parameters does not seem to allow for an efficient implementation in practice

Leakage-Resilient Storage
The message m is stored as Enc(m), and Dec(Enc(m)) = m. Note: there is no secret key.
The adversary is computationally unbounded. She chooses (adaptively) t functions Λ_1, …, Λ_t with Λ_i : {0,1}^{|Enc(m)|} → {0,1}^{λ_i} and Λ_i ∈ Γ, and retrieves the λ_i output bits of each. The total leakage is bounded, Σ_i λ_i < λ < |Enc(m)|, so the Λ_i are input-shrinking (a very realistic assumption). Dec itself must lie outside Γ, otherwise the adversary simply leaks m.
This is an All-Or-Nothing Transform: it should be hard to reconstruct the message when not all the bits of its encoding are known.

Security definition
A scheme (Enc, Dec) is secure if for every pair of messages m_0, m_1 no adversary with the leakage described above can distinguish Enc(m_0) from Enc(m_1). We require that m_0, m_1 are chosen by the adversary.
Adversary model
Consider encodings of the form Enc(m) := (Rand, f(Rand) ⊕ m), where Rand is the stored randomness and f(Rand) acts as a one-time pad derived from it.
- Adversary: each leakage function sees the whole encoding, Λ_i(Enc(m)) = Λ_i(Rand, f(Rand) ⊕ m).
- Weak adversary: each leakage function sees only the randomness, Λ'_i(Rand).

Lemma
For any family of functions Γ: if an encoding scheme of this form is secure against the weak adversary, then it is also secure against the (full) adversary, with a security loss of 2^α, where α is the length of the message.
Problem
For a fixed family Γ, how to construct a secure (Enc, Dec)? Two cases:
- each leakage function can depend only on some restricted part of the memory: construction from randomness extractors;
- the cardinality of Γ is restricted: construction from ℓ-wise independent hash functions.

Two-source Extractor
A deterministic function Ext taking two independent sources, each possibly far from uniform but with a lot of min-entropy, and returning an extracted string that is almost uniformly random.

Memory divided into 2 parts: construction
Remind: each leakage function can depend only on one part of the memory (M0 or M1).
Enc(m) := (R0, R1, Ext(R0, R1) ⊕ m), with R0 stored in M0 and R1 stored in M1, both uniformly random.
Dec(R0, R1, m*) := Ext(R0, R1) ⊕ m*.

Proof Idea
It suffices to show that (Enc, Dec) is secure against every weak adversary, i.e. one whose leakage functions Λ'_1, …, Λ'_t are applied to R0 or to R1 separately.
One can prove that even given Λ'_1(R_i), …, Λ'_t(R_i) (for i = 0, 1), the sources R0 and R1 are still independent and (with high probability) still have high min-entropy, so Ext(R0, R1) remains close to uniform and masks m.
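A worked instance of this two-part construction and of the leakage game, added here as an example (it is not code from the thesis or the DDV10 paper). The extractor is the inner-product extractor over GF(P) with P = 2^61 - 1 and halves of N = 64 field elements; ⊕ becomes addition in GF(P) because the message space is the field; and the oracle class enforces the split-state family Γ (a leakage function may read R0 or R1, never both) together with the bounds t and λ. All parameters are illustrative, not the thesis's concrete ones.

```python
# Added example (not from the thesis): Enc(m) = (R0, R1, Ext(R0, R1) + m)
# with the inner-product two-source extractor over GF(P), plus an oracle
# that enforces the split-state leakage game: every leakage function reads
# one memory part only and the total leakage stays strictly below lam.
import secrets

P = (1 << 61) - 1   # prime; the message space is GF(P), so "XOR" becomes addition mod P
N = 64              # each half R0, R1 is a vector of N field elements (about 3.9 Kbit)


def ext(r0, r1):
    """Inner-product extractor Ext(R0, R1) = <R0, R1> mod P.

    The output is close to uniform whenever R0 and R1 are independent and
    each keeps enough min-entropy; that independence is exactly what the
    split-state leakage model preserves."""
    return sum(a * b for a, b in zip(r0, r1)) % P


def enc(m):
    """Enc(m) := (R0, R1, Ext(R0, R1) + m). No secret key: R0 and R1 are
    fresh randomness stored in memory parts M0 and M1 respectively."""
    if not 0 <= m < P:
        raise ValueError("message must be an element of GF(P)")
    r0 = [secrets.randbelow(P) for _ in range(N)]
    r1 = [secrets.randbelow(P) for _ in range(N)]
    return r0, r1, (ext(r0, r1) + m) % P


def dec(r0, r1, c):
    """Dec(R0, R1, m*) := m* - Ext(R0, R1)."""
    return (c - ext(r0, r1)) % P


class SplitStateLeakageOracle:
    """The (Gamma, lam, t) leakage game, specialised to the split-state Gamma.

    Each query names one memory part (0 -> R0, 1 -> R1), a function of that
    part alone and an output length lam_i; at most t queries and a total
    leakage strictly below lam are allowed. A function of the whole encoding
    (Dec itself, for instance) is outside Gamma and is refused."""

    def __init__(self, r0, r1, lam, t):
        self._parts = (r0, r1)
        self.lam, self.t = lam, t
        self.used_bits = 0
        self.queries = 0

    def leak(self, part, fn, lam_i):
        if part not in (0, 1):
            raise ValueError("leakage functions may read only one memory part")
        if self.queries >= self.t or self.used_bits + lam_i >= self.lam:
            raise PermissionError("leakage budget (lam, t) exhausted")
        self.queries += 1
        self.used_bits += lam_i
        # truncate the function's output to lam_i bits: that is all the adversary gets
        return fn(self._parts[part]) & ((1 << lam_i) - 1)


def demo(m=1234567890123):
    """Round trip, two admissible leakage queries, one refused cross-part
    query and one refused over-budget query. Returns the four outcomes."""
    r0, r1, c = enc(m)
    oracle = SplitStateLeakageOracle(r0, r1, lam=1024, t=4)
    leak0 = oracle.leak(0, lambda r: r[0], 61)       # first element of R0, in full
    leak1 = oracle.leak(1, lambda r: sum(r), 512)    # a digest-like function of R1 only
    try:
        oracle.leak(2, lambda _: m, 61)               # a "decode" that reads both halves: not in Gamma
        cross_refused = False
    except ValueError:
        cross_refused = True
    try:
        oracle.leak(0, lambda r: r[1], 600)           # 61 + 512 + 600 >= 1024: over budget
        budget_refused = False
    except PermissionError:
        budget_refused = True
    return dec(r0, r1, c) == m, leak0 == r0[0], cross_refused, budget_refused
```

The oracle is the part worth reusing: any candidate leakage function must be expressible as a function of a single half, which is what makes the extractor's independence argument go through.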
ℓ-wise independent hash functions
A family H = {h_s : X → Y}_{s ∈ I} is ℓ-wise independent if, for a uniformly random seed S ∈ I and any ℓ distinct inputs x_1, …, x_ℓ ∈ X, the tuple (h_S(x_1), …, h_S(x_ℓ)) is uniformly distributed over Y^ℓ.

Boolean circuits of small size: construction
Remind: the cardinality of Γ is restricted; here Γ is the set of functions computable by Boolean circuits of a fixed size.
Let H = {h_s : X → Y}_{s ∈ I} be ℓ-wise independent and let R ∈ X be random.
Enc_s(m) := (R, h_s(R) ⊕ m)
Dec_s(R, m*) := h_s(R) ⊕ m*
(the seed s is a parameter of the scheme, not a secret key).
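An added example (not the thesis's code) of the hash family and of the encoding built from it. The family is the standard one of polynomials of degree ℓ-1 over GF(p): for ℓ distinct inputs, the map from the ℓ coefficients to the ℓ outputs is a bijection (Lagrange interpolation), which is exactly ℓ-wise independence. The check below runs exhaustively over a toy field and also shows that polynomials of lower degree fail it; the encoding then uses the same family over GF(2^61 - 1), with ⊕ replaced by field addition and R a single field element, so its parameters are structural only (for actual security |R| must exceed the leakage bound and Γ must be the bounded-size circuit family of the slide).

```python
# Added example (not from the thesis): an l-wise independent hash family from
# polynomials of degree l-1 over GF(p), an exhaustive check of the definition
# on a toy field, and the encoding Enc_s(m) = (R, h_s(R) + m) built from it.
import itertools
import secrets


def h(s, x, p):
    """h_s(x) = s[0] + s[1]*x + ... + s[d]*x^d mod p (Horner's rule);
    the seed s is a tuple of d+1 coefficients in GF(p)."""
    acc = 0
    for coeff in reversed(s):
        acc = (acc * x + coeff) % p
    return acc


def is_l_wise_independent(p, ell, degree):
    """Exhaustive check on GF(p): for every choice of ell distinct inputs the
    ell outputs must be uniform over GF(p)^ell when the seed (degree+1
    coefficients) is uniform, i.e. every output tuple is hit by exactly
    p^(degree+1) / p^ell seeds. Returns True iff that holds for all inputs."""
    seeds = list(itertools.product(range(p), repeat=degree + 1))
    if len(seeds) % p ** ell:          # fewer seeds than output tuples: cannot be uniform
        return False
    expected = len(seeds) // p ** ell
    for xs in itertools.combinations(range(p), ell):
        counts = {}
        for s in seeds:
            ys = tuple(h(s, x, p) for x in xs)
            counts[ys] = counts.get(ys, 0) + 1
        if len(counts) != p ** ell or any(c != expected for c in counts.values()):
            return False
    return True


# The encoding of the slide over a large field: R is the only secret,
# the seed s is a public parameter (there is no secret key).
P_BIG = (1 << 61) - 1
ELL = 8                                   # h_s has degree ELL - 1


def keygen_seed(ell=ELL, p=P_BIG):
    """Public seed s: ell uniformly random coefficients."""
    return tuple(secrets.randbelow(p) for _ in range(ell))


def enc(s, m, p=P_BIG):
    """Enc_s(m) := (R, h_s(R) + m) with R uniformly random in GF(p)."""
    if not 0 <= m < p:
        raise ValueError("message must be an element of GF(p)")
    r = secrets.randbelow(p)
    return r, (h(s, r, p) + m) % p


def dec(s, r, c, p=P_BIG):
    """Dec_s(R, m*) := m* - h_s(R)."""
    return (c - h(s, r, p)) % p
```

Running is_l_wise_independent(7, 3, 2) returns True (degree-2 polynomials are 3-wise independent over GF(7)), while is_l_wise_independent(7, 3, 1) returns False: degree-1 polynomials are only pairwise independent, which is the kind of gap the ℓ parameter has to be chosen against the size of Γ.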
Outline, part 3: Authenticated Key Exchange protocol in the Bounded-Retrieval Model
Contribution: AKE protocol in the BRM
Setup: Client and Server share a huge random file F; the attacker can retrieve a large portion of it.
Authenticated Key Exchange (AKE) protocol: provides Client and Server with a short shared key, with client-to-server authentication and security against active attackers.
PROS: protocol analysis + efficient implementation
CONS: Random Oracle model

Key Exchange protocol
Client and Server run a key exchange protocol and obtain a shared Key.
Problem: man-in-the-middle attack. Solution: authentication.

Authentication
Password-based Authenticated Key Exchange (PAKE) protocol: Client and Server share a Password and run the key exchange so that only parties knowing the Password obtain the Key.

AKE: a general paradigm
Cash, Ding, Dodis, Lee, Lipton and Walfish, "Intrusion-resilient key exchange in the Bounded Retrieval Model", TCC 2007: first run a Weak Key Exchange protocol that gives both parties a Password, then run a Universally-Composable Password-based Authenticated Key Exchange protocol on that Password to obtain the Key. PAKE is designed for passwords that are low entropy and human memorizable, so a weak (but unpredictable) Password suffices. A UC PAKE protocol cannot be implemented in the plain standard model, i.e. without setup assumptions.

Contribution: new AKE protocol in the BRM
Setup: long shared secret random file F.
The adversary applies an input-shrinking function Λ of her choice to F, learns Λ(F), and is active over the channel.
Client and Server run the Weak Key Exchange protocol to derive a Password from F, then a Universally-Composable PAKE protocol to derive the Key, which is indistinguishable from random. Proven in the Random Oracle model; implemented using the OpenSSL crypto library.
Contribution: Weak Key Exchange protocol (1/3)
Setup: long shared secret random file F; the adversary learns Λ(F) and is active over the channel.
We prove that H∞(Password | Λ(F)) is high (with high probability), i.e. the shared passwords are individually unpredictable for the adversary.

Contribution: Weak Key Exchange protocol (2/3)
Setup: long shared secret random file F.
Client chooses random indexes IDX_CLIENT and Server chooses random indexes IDX_SERVER (several large numbers, i.e. bit positions in F), and they exchange them. Each party creates the password by concatenating the bits of F at the corresponding indexes.

Contribution: Weak Key Exchange protocol (3/3)
To avoid sending many large indexes, Client chooses a random short SEED_CLIENT and Server a random short SEED_SERVER, and they exchange only the seeds. Both then calculate the indexes as IDX_i = H(i | SEED) for each seed, where H is a public cryptographic hash function, and create the password as before. Modelling H as a Random Oracle, the password is unpredictable even given Λ(F).
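An added example (not the thesis's OpenSSL implementation) of the Weak Key Exchange described on the three slides above. SHA-256 stands in for the public hash H; each party's indexes are IDX_i = H(i | SEED) reduced modulo the file length in bits; the password is the concatenation of the bits of F at the client's indexes followed by those at the server's. The shared file F is constructed at random (1 MiB here, in place of the gigabyte files of the experiments), and the "adversary retains 99% of F" leakage is one constructed Λ used only to count how many password bits it misses; it is not the thesis's arbitrary Λ.

```python
# Added example (not the thesis's code): Weak Key Exchange from a shared random
# file F. SHA-256 stands in for the public hash H (the random oracle), and the
# "retains 99% of F" adversary is one constructed leakage function.
import hashlib
import os


def derive_indexes(seed, t, n_bits):
    """IDX_i = H(i | SEED) reduced modulo the file length in bits, i = 0..t-1.
    (The reduction of a 256-bit hash mod n_bits is uniform up to a negligible
    bias for n_bits far below 2^256.)"""
    return [int.from_bytes(hashlib.sha256(i.to_bytes(4, "big") + seed).digest(), "big") % n_bits
            for i in range(t)]


def bit_at(f, idx):
    """Bit number idx of the file F (least-significant bit first within a byte)."""
    return (f[idx >> 3] >> (idx & 7)) & 1


def password_from_file(f, seed_client, seed_server, t):
    """Password = bits of F at IDX_CLIENT followed by the bits at IDX_SERVER,
    packed into bytes (2t bits). Both parties run exactly this function."""
    n_bits = 8 * len(f)
    idx = derive_indexes(seed_client, t, n_bits) + derive_indexes(seed_server, t, n_bits)
    pwd = 0
    for i in idx:
        pwd = (pwd << 1) | bit_at(f, i)
    return pwd.to_bytes((2 * t + 7) // 8, "big")


def weak_key_exchange(f, t, seed_client=None, seed_server=None):
    """One honest run: each side picks a short random seed, the seeds cross the
    channel, both compute the same password. Returns (pwd_client, pwd_server).
    The seeds are relayed honestly here; an active adversary may substitute one,
    which makes the two passwords differ (the later PAKE then fails), and the
    thesis's claim is that the password stays unpredictable given Lambda(F)
    regardless."""
    seed_client = seed_client or os.urandom(16)
    seed_server = seed_server or os.urandom(16)
    pwd_client = password_from_file(f, seed_client, seed_server, t)
    pwd_server = password_from_file(f, seed_client, seed_server, t)
    return pwd_client, pwd_server


def unknown_password_bits(n_bits, seed_client, seed_server, t, retained):
    """Constructed leakage: the adversary keeps the bit positions for which
    retained(position) is True (e.g. 99% of F). Returns how many of the 2t
    password bits she has not retained: a lower bound on the min-entropy of the
    password given this particular Lambda(F)."""
    idx = derive_indexes(seed_client, t, n_bits) + derive_indexes(seed_server, t, n_bits)
    return sum(1 for i in idx if not retained(i))


def demo(t=2000):
    f = os.urandom(1 << 20)                      # constructed 1 MiB "huge" shared file F
    pwd_c, pwd_s = weak_key_exchange(f, t)
    # Lambda(F) = every bit of F except the positions divisible by 100 (99% of F)
    unknown = unknown_password_bits(8 * len(f), b"client-seed", b"server-seed", t,
                                    lambda pos: pos % 100 != 0)
    return pwd_c == pwd_s, len(pwd_c), unknown
```

With t = 2000 indexes per party the password has 4000 bits, and an adversary holding 99% of F is still missing about 40 of them; this is the counting behind the "99% retrieved, only a small portion of the file used" statement on the efficiency slide, for this one leakage function.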
UC Password-based AKE protocol
Abdalla, Catalano, Chevalier and Pointcheval, "Efficient two-party password-based key exchange protocols in the UC framework", CT-RSA 2008: a (modified) Diffie-Hellman key exchange with no assumptions on the distribution of the passwords; one flow is encrypted under the password; two cryptographic hash functions compute the secret key and provide authentication.

Forward security
Weak Key Exchange gives the Password; the UC PAKE is a Diffie-Hellman key exchange with one flow encrypted under the Password. Question: if the adversary, who already holds Λ(F), later obtains the whole file F (and hence the Password), does an earlier session Key stay secret? Intuitively yes: the Diffie-Hellman exponents are fresh per session, so learning the Password afterwards reveals the exchanged group elements but not g^{ab}.
Experimental results
Parameters: security parameter, leakage (the portion of F the adversary may retrieve), shared file size, t = number of indexes. Running times were evaluated experimentally on an Intel(R) Core(TM) i5-2410M 2.30GHz with 4GB of RAM, under the 64-bit version of Ubuntu 11.04.
[Plot: Number of indexes]
[Plot: PAKE protocol running time]
[Plot: WKE protocol running time]

Thank you!
Main idea of this line of research
To achieve security one assumes that the power of the adversary during the "physical attack" is "limited in some way"; this limitation should be justified by some physical characteristic of the device.

Security definition
Enc : {0,1}^α → {0,1}^β, Dec : {0,1}^β → {0,1}^α.
Game between the adversary and an oracle:
1. the adversary chooses m_0, m_1 ∈ {0,1}^α and sends them to the oracle;
2. the oracle chooses a random bit b ∈ {0,1} and calculates τ := Enc(m_b);
3. for i = 1, …, t the adversary chooses Λ_i : {0,1}^β → {0,1}^{λ_i} with Λ_i ∈ Γ, and the oracle returns Λ_i(τ);
4. the adversary outputs b' and wins if b' = b.
(Enc, Dec) is (Γ, λ, t, ε)-secure if no adversary whose total leakage Σ_i λ_i is below λ wins the game with probability greater than 1/2 + ε; ε is the adversary's advantage.

Lemma
For any Γ, λ, t and ε: if an encoding scheme Enc(m) = (Rand, f(Rand) ⊕ m) is (Γ, λ, t, ε)-secure against the weak adversary (leakage functions applied to Rand only), then it is also (Γ, λ, t, ε · 2^α)-secure against the full adversary (leakage functions applied to the whole encoding), where α is the length of the message.

Proof Idea
Consider a full adversary A that wins with advantage δ. Construct a weak adversary A' that simulates A, replacing the component f(Rand) ⊕ m (which A' cannot see) with a uniformly random string z ∈ {0,1}^α; the guess z is correct with probability 2^{-α}, so A' wins with advantage δ · 2^{-α}. By assumption δ · 2^{-α} ≤ ε, hence δ ≤ ε · 2^α.
Diffie-Hellman Key Exchange
Setup: finite cyclic group G = <g> of prime order p.
Client: a ← [p-1], A ← g^a; sends A to Server.
Server: b ← [p-1], B ← g^b; sends B to Client.
Client: K = B^a. Server: K = A^b. Both equal g^{ab}.

Man-in-the-middle attack
Setup as above. The attacker chooses e ← [p-1] and E ← g^e.
Client sends A ← g^a; the attacker intercepts it and forwards E to Server. Server sends B ← g^b; the attacker intercepts it and forwards E to Client.
Client computes K = E^a and Server computes K = E^b, while the attacker computes K_C = A^e (shared with Client) and K_S = B^e (shared with Server). They need authentication!

UC Password-based AKE protocol
Setup: finite cyclic group G = <g> of prime order p; Client and Server share Pwd; H_0 and H_1 are cryptographic hash functions.
Client: a ← [p-1], A ← g^a; sends A.
Server: b ← [p-1], B ← g^b; sends ENC_Pwd(B), the flow encrypted under the password.
Client: B = DEC_Pwd(ENC_Pwd(B)); DH_C = B^a; KEY_C = H_0(Pwd | DH_C); AUTH = H_1(Pwd | DH_C); sends AUTH.
Server: DH_S = A^b; if AUTH = H_1(Pwd | DH_S) then KEY_S = H_0(Pwd | DH_S), else ERROR.
(This is the simplified form of the slide: in a deployed protocol the hash inputs should also bind the transcript, i.e. A, B and the party identities, so that AUTH and the key cannot be carried across sessions.)
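The three exchanges of these backup slides as an added, runnable example (not the thesis's OpenSSL code): plain Diffie-Hellman, the man-in-the-middle against it, and the password-authenticated variant of the last slide. Assumed here rather than taken from the slides: the group is the 1024-bit MODP group of RFC 2409 with g = 2 (the subgroup has prime order q = (p-1)/2); ENC_Pwd is a SHAKE-256 keystream derived from Pwd and A, a stand-in for the slide's encryption and not ACCP08's ideal cipher; H_0 and H_1 are SHA-256 with distinct tags; and the transcript (A, B) is hashed into the key and the authenticator, which the slide omits. A 1024-bit group is too small for deployment; it only keeps the example fast.

```python
# Added example (not from the thesis): Diffie-Hellman, the man-in-the-middle
# against it, and the password-authenticated exchange of the last slide.
# Group: RFC 2409 "Second Oakley Group" (1024-bit MODP, g = 2); exponents are
# drawn from [1, q-1] with q = (p-1)/2 the prime order of <g>.
import hashlib
import hmac
import secrets

P = int("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF FFFFFFFF
""".replace(" ", "").replace("\n", ""), 16)
Q = (P - 1) // 2
G = 2
ELEM_BYTES = (P.bit_length() + 7) // 8


def keypair():
    """x <- [1, q-1], X = g^x in G."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def dh_exchange():
    """(i) Honest Diffie-Hellman: both sides end with g^(ab)."""
    a, A = keypair()
    b, B = keypair()
    return pow(B, a, P) == pow(A, b, P)


def mitm():
    """(ii) Eve replaces both flows with E = g^e: she shares A^e with Client and
    B^e with Server, and the two honest parties hold different keys."""
    a, A = keypair()
    b, B = keypair()
    e, E = keypair()
    k_client, k_server = pow(E, a, P), pow(E, b, P)
    eve_with_client, eve_with_server = pow(A, e, P), pow(B, e, P)
    return k_client == eve_with_client and k_server == eve_with_server and k_client != k_server


def _mask_pwd(pwd, A, X):
    """ENC_Pwd / DEC_Pwd: XOR X with a SHAKE-256 keystream derived from Pwd and A
    (stand-in for the slide's encryption; the same call encrypts and decrypts)."""
    stream = hashlib.shake_256(b"enc" + pwd + A.to_bytes(ELEM_BYTES, "big")).digest(ELEM_BYTES)
    return X ^ int.from_bytes(stream, "big")


def _h(tag, pwd, dh, A, B):
    """H_0 (tag b"key") and H_1 (tag b"auth") over Pwd, the DH value and the transcript."""
    return hashlib.sha256(tag + pwd + dh.to_bytes(ELEM_BYTES, "big")
                          + A.to_bytes(ELEM_BYTES, "big") + B.to_bytes(ELEM_BYTES, "big")).digest()


def pake(pwd_client, pwd_server):
    """(iii) Password-based AKE. Returns (KEY_C, KEY_S); KEY_S is None when the
    server rejects the authenticator, i.e. the ERROR branch of the slide."""
    a, A = keypair()                                   # Client -> Server: A
    b, B = keypair()
    C = _mask_pwd(pwd_server, A, B)                    # Server -> Client: ENC_Pwd(B)
    B_c = _mask_pwd(pwd_client, A, C)                  # Client: B = DEC_Pwd(C)
    dh_c = pow(B_c, a, P)
    key_c = _h(b"key", pwd_client, dh_c, A, B_c)
    auth = _h(b"auth", pwd_client, dh_c, A, B_c)       # Client -> Server: AUTH
    dh_s = pow(A, b, P)
    if not hmac.compare_digest(auth, _h(b"auth", pwd_server, dh_s, A, B)):
        return key_c, None                             # ERROR: KEY_S is never released
    return key_c, _h(b"key", pwd_server, dh_s, A, B)
```

With a wrong client password the decrypted B_c is an unrelated value, DH_C differs from DH_S and the server rejects; with the right password both keys coincide. The server releases KEY_S only after the constant-time check of AUTH, which is the client-to-server authentication the contribution slide promises.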
Efficiency
File size | # bits used by the parties
1 Gb      | 50 Kb
10 Gb     | 55 Kb
100 Gb    | 60 Kb
Even if the adversary retrieves 99% of the huge shared secret file, the parties only have to use a small portion of the file to provide security.