scholarly journals Side-Channel Protections for Picnic Signatures

2021 ◽  
pp. 239-282
Author(s):  
Diego F. Aranha ◽  
Sebastian Berndt ◽  
Thomas Eisenbarth ◽  
Okan Seker ◽  
Akira Takahashi ◽  
...  
Keyword(s):  
Hash Function ◽  
Proof System ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Zero Knowledge ◽  
Signature Schemes ◽  
First Order ◽  
The Third ◽  
Zero Knowledge Proof

We study masking countermeasures for side-channel attacks against signature schemes constructed from the MPC-in-the-head paradigm, specifically when the MPC protocol uses preprocessing. This class of signature schemes includes Picnic, an alternate candidate in the third round of the NIST post-quantum standardization project. The only previously known approach to masking MPC-in-the-head signatures suffers from interoperability issues and increased signature sizes. Further, we present a new attack to demonstrate that known countermeasures are not sufficient when the MPC protocol uses a preprocessing phase, as in Picnic3.We overcome these challenges by showing how to mask the underlying zero-knowledge proof system due to Katz–Kolesnikov–Wang (CCS 2018) for any masking order, and by formally proving that our approach meets the standard security notions of non-interference for masking countermeasures. As a case study, we apply our masking technique to Picnic. We then implement different masked versions of Picnic signing providing first order protection for the ARM Cortex M4 platform, and quantify the overhead of these different masking approaches. We carefully analyze the side-channel risk of hashing operations, and give optimizations that reduce the CPU cost of protecting hashing in Picnic by a factor of five. The performance penalties of the masking countermeasures ranged from 1.8 to 5.5, depending on the degree of masking applied to hash function invocations.

scholarly journals CacheQuote: Efficiently Recovering Long-term Secrets of SGX EPID via Cache Attacks

2018 ◽  
pp. 171-191 ◽  
Author(s):  
Fergus Dall ◽  
Gabrielle De Micheli ◽  
Thomas Eisenbarth ◽  
Daniel Genkin ◽  
Nadia Heninger ◽  
...  
Keyword(s):  
Secure Computation ◽  
Side Channel ◽  
Zero Knowledge ◽  
Signature Schemes ◽  
Number Problem ◽  
Trusted Hardware ◽  
Hidden Number Problem ◽  
Cache Attacks ◽  
Zero Knowledge Proof

Intel Software Guard Extensions (SGX) allows users to perform secure computation on platforms that run untrusted software. To validate that the computation is correctly initialized and that it executes on trusted hardware, SGX supports attestation providers that can vouch for the user’s computation. Communication with these attestation providers is based on the Extended Privacy ID (EPID) protocol, which not only validates the computation but is also designed to maintain the user’s privacy. In particular, EPID is designed to ensure that the attestation provider is unable to identify the host on which the computation executes. In this work we investigate the security of the Intel implementation of the EPID protocol. We identify an implementation weakness that leaks information via a cache side channel. We show that a malicious attestation provider can use the leaked information to break the unlinkability guarantees of EPID. We analyze the leaked information using a lattice-based approach for solving the hidden number problem, which we adapt to the zero-knowledge proof in the EPID scheme, extending prior attacks on signature schemes.

scholarly journals Designated-Verifier Anonymous Credential for Identity Management in Decentralized Systems

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Xudong Deng ◽  
Chengliang Tian ◽  
Fei Chen ◽  
Hequn Xian
Keyword(s):  
Hash Function ◽  
Identity Management ◽  
Single Point ◽  
Proof System ◽  
Public Concern ◽  
Decentralized Systems ◽  
Zero Knowledge ◽  
Designated Verifier ◽  
Anonymous Credential ◽  
Zero Knowledge Proof

Most of the existing identity management is the centralized architecture that has to validate, certify, and manage identity in a centralized approach by trusted authorities. Decentralized identity is causing widespread public concern because it enables to give back control of identity to clients, and the client then has the ability to control when, where, and with whom they share their credentials. A decentralized solution atop on blockchain will bypass the centralized architecture and address the single point of the failure problem. To our knowledge, blockchain is an inherited pseudonym but it cannot achieve anonymity and auditability directly. In this paper, we approach the problem of decentralized identity management starting from the designated-verifier anonymous credential (DVAC in short). DVAC would assist to build a new practical decentralized identity management with anonymity and auditability. Apart from the advantages of the conventional anonymous credential, the main advantage of the proposed DVAC atop blockchain is that the issued cryptographic token will be divided into shares at the issue phase and will be combined at the showing credential phase. Further, the smooth projective hash function ( SPHF in short) is regarded as a designated-verifier zero-knowledge proof system. Thus, we introduce the SPHF to achieve the designated verifiability without compromising the privacy of clients. Finally, the security of the proposed DVAC is proved along with theoretical and experimental evaluations.

scholarly journals Side-channel attacks against the human brain: the PIN code case study (extended version)

2018 ◽  
Vol 5 (2) ◽  
Author(s):  
Joseph Lange ◽  
Clément Massart ◽  
André Mouraux ◽  
François-Xavier Standaert
Keyword(s):  
Human Brain ◽  
Side Channel ◽  
Extended Version ◽  
Side Channel Attacks

scholarly journals A Survey of Noninteractive Zero Knowledge Proof System and Its Applications

2014 ◽  
Vol 2014 ◽  
pp. 1-7 ◽  
Author(s):  
Huixin Wu ◽  
Feng Wang
Keyword(s):  
Research Progress ◽  
Proof System ◽  
Future Research ◽  
Zero Knowledge ◽  
Basic Principles ◽  
Research Directions ◽  
Future Research Directions ◽  
Np Problems ◽  
Important Branch ◽  
Zero Knowledge Proof

Zero knowledge proof system which has received extensive attention since it was proposed is an important branch of cryptography and computational complexity theory. Thereinto, noninteractive zero knowledge proof system contains only one message sent by the prover to the verifier. It is widely used in the construction of various types of cryptographic protocols and cryptographic algorithms because of its good privacy, authentication, and lower interactive complexity. This paper reviews and analyzes the basic principles of noninteractive zero knowledge proof system, and summarizes the research progress achieved by noninteractive zero knowledge proof system on the following aspects: the definition and related models of noninteractive zero knowledge proof system, noninteractive zero knowledge proof system of NP problems, noninteractive statistical and perfect zero knowledge, the connection between noninteractive zero knowledge proof system, interactive zero knowledge proof system, and zap, and the specific applications of noninteractive zero knowledge proof system. This paper also points out the future research directions.

scholarly journals Influence on The Level Riders Motorcycle Accident Traffic with Traffic Methods of Conflict Technique (TCT) (Case Study: Jalan Raya Narogong Bekasi City)

2020 ◽  
Vol 2 (2) ◽  
pp. 184-189
Author(s):  
Andri Irfan Rifai ◽  
Finsa Aziz Fernanda
Keyword(s):  
Traffic Accidents ◽  
Observation Data ◽  
Third Order ◽  
First Order ◽  
The Third ◽  
Motorcycle Accident ◽  
Transportation Sector ◽  
Side Collision ◽  
Traffic Rules

The increasing number of traffic accidents can be caused by drivers, vehicles, highways, and the environment. In Indonesia, traffic accidents become one of the problems in the transportation sector. Prevention is done during this time to anticipate accidents only based on the data of the accident quantity that has occurred. Though factors or incidents that can cause accidents to become the biggest contributor in the event of accidents. For example, driving a vehicle in an unorderly manner, the pace of the vehicle with the above-average velocity set traffic rules, and sudden vehicle maneuvers. This research is done by identifying and analyzing the behavior of motorcyclists who affect accidents and applying TCT methods to observation data at points that become potential locations Against accidents. The research location is on the Narogong Highway which is divided into 2 segments. In Segment 1 begins at junction four Cipendawa (after the flyover Simpang Cipendawa) until the junction of the three Gg. Sawo (Bantar Gebang Market). Next, in Segment 2 starts from junction three of Gg. Sawo (Bantar Gebang Market) until the three houses of Vida housing. The results showed that the research location had potential that could cause the accident to be front-side on the first order, collision front-front on the second-order, and side-by-side collision on the third order. The speed of vehicles has an impact on accidents.

scholarly journals Transparency order versus confusion coefficient: a case study of NIST lightweight cryptography S-Boxes

Cybersecurity ◽  
2021 ◽  
Vol 4 (1) ◽  
Author(s):  
Huizhong Li ◽  
Guang Yang ◽  
Jingdian Ming ◽  
Yongbin Zhou ◽  
Chengbin Jin
Keyword(s):  
The Other ◽  
Side Channel ◽  
Side Channel Attacks ◽  
Lightweight Cryptography ◽  
Security Assurance ◽  
Channel Resistance ◽  
Cryptographic Algorithms ◽  
Transparency Order ◽  
Comprehensive Study

AbstractSide-channel resistance is nowadays widely accepted as a crucial factor in deciding the security assurance level of cryptographic implementations. In most cases, non-linear components (e.g. S-Boxes) of cryptographic algorithms will be chosen as primary targets of side-channel attacks (SCAs). In order to measure side-channel resistance of S-Boxes, three theoretical metrics are proposed and they are reVisited transparency order (VTO), confusion coefficients variance (CCV), and minimum confusion coefficient (MCC), respectively. However, the practical effectiveness of these metrics remains still unclear. Taking the 4-bit and 8-bit S-Boxes used in NIST Lightweight Cryptography candidates as concrete examples, this paper takes a comprehensive study of the applicability of these metrics. First of all, we empirically investigate the relations among three metrics for targeted S-boxes, and find that CCV is almost linearly correlated with VTO, while MCC is inconsistent with the other two. Furthermore, in order to verify which metric is more effective in which scenarios, we perform simulated and practical experiments on nine 4-bit S-Boxes under the non-profiled attacks and profiled attacks, respectively. The experiments show that for quantifying side-channel resistance of S-Boxes under non-profiled attacks, VTO and CCV are more reliable while MCC fails. We also obtain an interesting observation that none of these three metrics is suitable for measuring the resistance of S-Boxes against profiled SCAs. Finally, we try to verify whether these metrics can be applied to compare the resistance of S-Boxes with different sizes. Unfortunately, all of them are invalid in this scenario.

Sign in / Sign up

Export Citation Format

Share Document