Skip to main content
SpringerLink
Log in

Security Against Related Randomness Attacks via Reconstructive Extractors

  • Conference paper
  • First Online:
Cryptography and Coding (IMACC 2015)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9496))

Included in the following conference series:

Abstract

This paper revisits related randomness attacks against public key encryption schemes as introduced by Paterson, Schuldt and Sibborn (PKC 2014). We present a general transform achieving security for public key encryption in the related randomness setting using as input any secure public key encryption scheme in combination with an auxiliary-input reconstructive extractor. Specifically, we achieve security in the function-vector model introduced by Paterson et al., obtaining the first constructions providing CCA security in this setting. We consider instantiations of our transform using the Goldreich-Levin extractor; these outperform the previous constructions in terms of public-key size and reduction tightness, as well as enjoying CCA security. Finally, we also point out that our approach leads to an elegant construction for Correlation Input Secure hash functions, which have proven to be a versatile tool in diverse areas of cryptography.

The first and third authors were supported by EPSRC grant EP/L018543/1, the second author is supported by JSPS KAKENHI Grant Number 15K16006, and the last author is partially supported by ANR Project EnBiD (ANR-14-CE28-0003).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    See also [22] for an extended discussion of the practical motivation for studying related randomness attacks based on the attack literature as represented by [2, 6, 7, 9, 1113, 1517, 19, 21, 25].

  2. 2.

    Specifically, Wichs’ results apply to encryption schemes which are injective with respect to the used randomness.

  3. 3.

    The bound quoted in [10] had the denominator \(512 n p^2\). However, we believe the bound has a slight error and should in fact be \(512 n p^3\), as given here. The bound in Eq. (1) was also used by Paterson et al. in [23].

References

  1. Abdalla, M., Benhamouda, F., Passelègue, A., Paterson, K.G.: Related-key security for pseudorandom functions beyond the linear barrier. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 77–94. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  2. Becherer, A., Stamos, A., Wilcox, N.: Cloud computing security: raining on the trendy new parade. In: BlackHat USA (2009)

    Google Scholar 

  3. Bellare, M., Brakerski, Z., Naor, M., Ristenpart, T., Segev, G., Shacham, H., Yilek, S.: Hedged public-key encryption: how to protect against bad randomness. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 232–249. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  4. Bellare, M., Cash, D.: Pseudorandom functions and permutations provably secure against related-key attacks. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 666–684. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  5. Bellare, M., Rogaway, P.: The security of triple encryption and a framework for code-based game-playing proofs. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 409–426. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  6. Bendel, M.: Hackers describe PS3 security as epic fail, gain unrestricted access (2011). http://www.exophase.com/20540/hackers-describe-ps3-security-as-epic-fail-gain-unrestricted-access/

  7. Bernstein, D.J., Chang, Y.-A., Cheng, C.-M., Chou, L.-P., Heninger, N., Lange, T., van Someren, N.: Factoring RSA keys from certified smart cards: coppersmith in the wild. Cryptology ePrint Archive, report 2013/599 (2013). http://eprint.iacr.org/

  8. Boneh, D., Halevi, S., Hamburg, M., Ostrovsky, R.: Circular-secure encryption from decision diffie-hellman. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 108–125. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  9. Debian Security Advisory DSA-1571-1: OpenSSL - predictable random number generator (2008). http://www.debian.org/security/2008/dsa-1571

  10. Dodis, Y., Goldwasser, S., Tauman Kalai, Y., Peikert, C., Vaikuntanathan, V.: Public-key encryption schemes with auxiliary inputs. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 361–381. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  11. Dodis, Y., Pointcheval, D., Ruhault, S., Vergnaud, D., Wichs, D.: Security analysis of pseudo-random number generators with input: /dev/random is not robust. IACR Cryptology ePrint Archive 2013:338 (2013)

    Google Scholar 

  12. Dorrendorf, L., Gutterman, Z., Pinkas, B.: Cryptanalysis of the random number generator of the Windows operating system. ACM Trans. Inf. Syst. Secur. 13(1) (2009)

    Google Scholar 

  13. Goldberg, I., Wagner, D.: Randomness and the Netscape browser (1996). http://www.drdobbs.com/windows/184409807

  14. Goyal, V., O’Neill, A., Rao, V.: Correlated-input secure hash functions. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 182–200. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  15. Gutterman, Z., Malkhi, D.: Hold your sessions: an attack on java session-id generation. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 44–57. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  16. Gutterman, Z., Pinkas, B., Reinman, T.: Analysis of the linux random number generator. In: IEEE Symposium on Security and Privacy, pp. 371–385. IEEE Computer Society (2006)

    Google Scholar 

  17. Heninger, N., Durumeric, Z., Wustrow, E., Alex Halderman, J.: Mining your Ps and Qs: detection of widespread weak keys in network devices. In: USENIX Security Symposium, August 2012

    Google Scholar 

  18. Kurosawa, K., Desmedt, Y.G.: A new paradigm of hybrid encryption scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  19. Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C.: Public keys. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 626–642. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  20. Lucks, S.: Ciphers secure against related-key attacks. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 359–370. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  21. Michaelis, K., Meyer, C., Schwenk, J.: Randomly failed! the state of randomness in current java implementations. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 129–144. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  22. Paterson, K.G., Schuldt, J.C.N., Sibborn, D.L.: Related randomness attacks for public key encryption. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 465–482. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  23. Paterson, K.G., Schuldt, J.C.N., Sibborn, D.L.: Related randomnessattacks for public key encryption. IACR Cryptology ePrint Archive 2014:337 (2014)

    Google Scholar 

  24. Raghunathan, A., Segev, G., Vadhan, S.: Deterministic public-key encryption for adaptively chosen plaintext distributions. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 93–110. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  25. Ristenpart, T., Yilek, S.: When good randomness goes bad: virtual machine reset vulnerabilities and hedging deployed cryptography. In: NDSS. The Internet Society (2010)

    Google Scholar 

  26. Wee, H.: Public key encryption against related key attacks. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 262–279. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  27. Wichs, D.: Barriers in cryptography with weak, correlated and leaky sources. In: Kleinberg, R.D. (ed.) ITCS, pp. 111–126. ACM (2013)

    Google Scholar 

  28. Yilek, S.: Resettable public-key encryption: how to encrypt on a virtual machine. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 41–56. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Royal Holloway, University of London, Surrey, UK

    Kenneth G. Paterson & Dale L. Sibborn

  2. National Institute of Advanced Industrial Science and Technology, Tokyo, Japan

    Jacob C. N. Schuldt

  3. École Normale Supérieure, Paris, France

    Hoeteck Wee

Authors
  1. Kenneth G. Paterson
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jacob C. N. Schuldt
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dale L. Sibborn
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hoeteck Wee
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jacob C. N. Schuldt .

Editor information

Editors and Affiliations

  1. University College London, Cambridge, United Kingdom

    Jens Groth

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Paterson, K.G., Schuldt, J.C.N., Sibborn, D.L., Wee, H. (2015). Security Against Related Randomness Attacks via Reconstructive Extractors. In: Groth, J. (eds) Cryptography and Coding. IMACC 2015. Lecture Notes in Computer Science(), vol 9496. Springer, Cham. https://doi.org/10.1007/978-3-319-27239-9_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-27239-9_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27238-2

  • Online ISBN: 978-3-319-27239-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation