Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure storage of cryptographic keys within random volumetric materials Roarke Horstmeyer 1, Benjamin Judkewitz 1, Ivo Vellekoop 2 and Changhuei Yang 1.

Published byPreston Lyons Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure storage of cryptographic keys within random volumetric materials Roarke Horstmeyer 1, Benjamin Judkewitz 1, Ivo Vellekoop 2 and Changhuei Yang 1."— Presentation transcript:

1 Secure storage of cryptographic keys within random volumetric materials Roarke Horstmeyer 1, Benjamin Judkewitz 1, Ivo Vellekoop 2 and Changhuei Yang 1 1 California Institute of Technology, Pasadena, CA 2 University of Twente, Enschede, The Netherlands

2 Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage

3 -Ideal security “information-theoretic” security 1 [1] Shannon, C. Bell System Technical Journal 28, 656–715 (1949).

4 Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage -Ideal security -Well-established solution: the one-time pad “information-theoretic” security 1 Message: Random key: 00 0111 … 01 0011 … [1] Shannon, C. Bell System Technical Journal 28, 656–715 (1949).

5 Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage -Ideal security -Well-established solution: the one-time pad “information-theoretic” security 1 Message: Random key: 00 0111 … 01 0011 … Ciphertext: 01 0100 … = XOR operation [1] Shannon, C. Bell System Technical Journal 28, 656–715 (1949).

6 Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage -Ideal security -Well-established solution: the one-time pad “information-theoretic” security 1 Message: Random key: 00 0111 … 01 0011 … Ciphertext: 01 0100 … = XOR operation [1] Shannon, C. Bell System Technical Journal 28, 656–715 (1949).

7 Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage -Ideal security -Well-established solution: the one-time pad “information-theoretic” security 1 Message: Random key: 00 0111 … 01 0011 … Ciphertext: Limitations: “Really long” key is hard to generate and store 01 0100 … = XOR operation [1] Shannon, C. Bell System Technical Journal 28, 656–715 (1949).

8 Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage Digital electronic memory: insecure Tools: Imaging, freezing, probing, overwriting… Goals: Key copying, alteration, viruses…

9 Digital electronic memory: insecure Tools: Imaging, freezing, probing, overwriting… Goals: Key copying, alteration, viruses… Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage

10 Digital electronic memory: insecure Solution: volumetric optical scattering Tools: Imaging, freezing, probing, overwriting… Goals: Key copying, alteration, viruses… coherent light unique speckle Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage

11 Digital electronic memory: insecure Tools: Imaging, freezing, probing, overwriting… Goals: Key copying, alteration, viruses… Δθ ~ λ/2π a a Uncorrelated speckle Solution: volumetric optical scattering Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage

12 Digital electronic memory: insecure Tools: Imaging, freezing, probing, overwriting… Benefits -Sensitive 3D structure -High density (1 Tb/mm 3 ) -“Cheap” entropy Goals: Key copying, alteration, viruses Solution: volumetric optical scattering “key database” Goal: Create an ideally secure link between two communicators without relying upon the security of digital electronic storage

13 Previous Work Optical encryption methods Secure storage Our Goal Information- theoretic security Keys cannot be copied, cloned Challenging to use a stolen device Requires digital key storage Pappu et al., Science 297 (2001) Skoric et al., Applied Crypto. & Network Sec. 3531 (2005) Not for communication - Digital electronic security - IC, FPGA, RFID - Random variations in fab. process - Fiber-based protocols - Quantum key distribution - Optical random number generation Limitations - Optical storage for ID, authentication

14 Our setup

15 “key database”

16 Our setup “key database” Input: n random SLM patterns Output: n speckle images

17 Mathematical model pipi riri T = scattering transmission matrix 2 riri = Display Image

18 Mathematical model pipi riri Pixel value Speckle Intensity Histogram Probability Speckle Image r i T = scattering transmission matrix 2 riri =

19 Mathematical model Digital “whitening” (public) pipi riri T = scattering transmission matrix 2 riri =

20 Mathematical model Digital “whitening” (public) pipi riri T = scattering transmission matrix 2 riri = W = sparse binary matrix (digital, public) Image Key

21 Verification of speckle key randomness -Statistical randomness test suites: Diehard 1 and NIST 2 -12 different 10 Gb keys k tested -Stats comparable to state-of-the-art random number generators Table 1 | Example NIST statistical randomness test performance. NIST statistical randomness test package performance of a typical 10-gigabit sequence of random CPUF data, split into 10,000 unique 1 megabit sequences following a common procedure 11,12. For ‘success’ using 10,000 samples of 10 6 bit sequences and significance level α =0.01, the p-value (uniformity of p-values) should be larger than 0.0001 and the minimum pass rate is 0.987015. [1] Marsaglia, G. http://stat.fsu.edu/pub/diehard (1996). [2] Rukhin, A. et. al, National Institute of Standards and Technology Special Publication 800-22 (2001).

22 Securely linking two devices for communication Each device is unique – how to implement the one-time pad between two parties?

23 Securely linking two devices for communication Each device is unique – how to implement the one-time pad between two parties? Scat.

24 Securely linking two devices for communication Each device is unique – how to implement the one-time pad between two parties? Communication achieved through an information-theoretically secure key-pair Scat.

25 Securely linking two devices for communication Dictionary Setup 1. Alice and Bob securely connect devices 2. Display p 1..n 3. Publically save XOR of keys k 1..n (A)  k 1..n (B) Alice’s device Bob’s device

26 Securely linking two devices for communication Dictionary Setup 1. Alice and Bob securely connect devices 2. Display p 1..n 3. Publically save XOR of keys k 1..n (A)  k 1..n (B) Alice’s device Bob’s device OTP ciphertext: ideally secure

27 Securely linking two devices for communication Alice sends Bob a message 1. Alice randomly selects p, creates k(A) and computes ( k(A)  m ) 2. Alice sends (k(A)  m) and p 3. Bob creates k(B), looks up ( k(A)  k(B) ) 4. Bob computes: k(B)  ( k(A)  k(B) )  (k(A)  m) = m Alice’s device Bob’s device

28 Experimental demonstration Key size: 10 Gb (100 Gb unverified) Duration: 24 hours Attack time: ~50 hours Noise: ~20% bits flipped* *after error correction

29 Conclusion and future work Future work -Public key variant -Detailed security analysis R. Horstmeyer, “Physical key-protected one-time pad,” arxiv:1305:3886 (2013) - Non-electronic storage of 10 Gb over 24 hours - New protocol for “physical memory” -Information-theoretic security -Linking physical disorder Thank You!

Download ppt "Secure storage of cryptographic keys within random volumetric materials Roarke Horstmeyer 1, Benjamin Judkewitz 1, Ivo Vellekoop 2 and Changhuei Yang 1."

Similar presentations

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Lecture 5: Cryptographic Hashes

Lecture 5: Cryptographic Hashes
1 A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Application This contribution discusses some aspects of testing.

1 A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Application This contribution discusses some aspects of testing.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
Block Ciphers and the Data Encryption Standard

Block Ciphers and the Data Encryption Standard
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.

Cryptography. 2 Objectives Explain common terms used in the field of cryptography Outline what mechanisms constitute a strong cryptosystem Demonstrate.
Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science ©2002-2004 Matt.

Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science © Matt.
Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.

Block Ciphers 1 Block Ciphers Block Ciphers 2 Block Ciphers  Modern version of a codebook cipher  In effect, a block cipher algorithm yields a huge.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
HSC: Building Stream Cipher from Secure Hash Functions Juncao Li Nov. 29 th 2007 Department of Computer Science Portland State University.

HSC: Building Stream Cipher from Secure Hash Functions Juncao Li Nov. 29 th 2007 Department of Computer Science Portland State University.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Privacy-Preserving Cross-Domain Network Reachability Quantification

Privacy-Preserving Cross-Domain Network Reachability Quantification
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
CRYPTOGRAPHY WHAT IS IT GOOD FOR? Andrej Bogdanov Chinese University of Hong Kong CMSC 5719 | 6 Feb 2012.

CRYPTOGRAPHY WHAT IS IT GOOD FOR? Andrej Bogdanov Chinese University of Hong Kong CMSC 5719 | 6 Feb 2012.
BB84 Quantum Key Distribution 1.Alice chooses (4+  )n random bitstrings a and b, 2.Alice encodes each bit a i as {|0>,|1>} if b i =0 and as {|+>,|->}

BB84 Quantum Key Distribution 1.Alice chooses (4+  )n random bitstrings a and b, 2.Alice encodes each bit a i as {|0>,|1>} if b i =0 and as {|+>,|->}
CMSC 414 Computer (and Network) Security Lecture 24 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 24 Jonathan Katz.
Quantum Cryptography Prafulla Basavaraja CS 265 – Spring 2005.

Quantum Cryptography Prafulla Basavaraja CS 265 – Spring 2005.
Lo-Chau Quantum Key Distribution 1.Alice creates 2n EPR pairs in state each in state |  00 >, and picks a random 2n bitstring b, 2.Alice randomly selects.

Lo-Chau Quantum Key Distribution 1.Alice creates 2n EPR pairs in state each in state |  00 >, and picks a random 2n bitstring b, 2.Alice randomly selects.

Similar presentations

Ads by Google