Abstract
Non-malleable codes, introduced as a relaxation of error-correcting codes by Dziembowski, Pietrzak, and Wichs (ICS ’10), provide the security guarantee that the message contained in a tampered codeword is either the same as the original message or is set to an unrelated value. Various applications of non-malleable codes have been discovered, and one of the most significant applications among these is the connection with tamper-resilient cryptography. There is a large body of work considering security against various classes of tampering functions, as well as non-malleable codes with enhanced features such as leakage resilience. In this work, we propose combining the concepts of non-malleability, leakage resilience, and locality in a coding scheme. The contribution of this work is threefold:
1. As a conceptual contribution, we define a new notion of locally decodable and updatable non-malleable code that combines the above properties.
2. We present two simple and efficient constructions achieving our new notion with different levels of security.
3. We present an important application of our new tool: securing RAM computation against memory tampering and leakage attacks. This is analogous to the usage of traditional non-malleable codes to secure implementations in the circuit model against memory tampering and leakage attacks.
Notes
These non-persistent registers are viewed as part of the circuitry that stores some transient state while the CPU is computing at each cycle. The number of these registers is small, and the CPU needs to erase their contents in order to reuse them, so they cannot be used to store a secret key that is needed over a long computation.
There are some technical subtleties in simulating all leakage/tampering attacks on the values passing over the bus using memory attacks (and addresses). We defer the rigorous treatment to future work.
If there is no refreshing procedure, then the adversary can eventually learn the whole codeword bit by bit through leakage, and thus learn the underlying message.
Here we assume \(|\mathcal {X} |\) is greater than the security parameter.
References
D. Aggarwal, S. Agrawal, D. Gupta, H.K. Maji, O. Pandey, M. Prabhakaran. Optimal computational split-state non-malleable codes, in E. Kushilevitz, T. Malkin, editors, TCC 2016-A, Part II. LNCS, vol. 9563 (Springer, Heidelberg, 2016), pp. 393–417
D. Aggarwal, Y. Dodis, T. Kazana, M. Obremski. Non-malleable reductions and applications, in R.A. Servedio, R. Rubinfeld, editors, 47th ACM STOC (ACM Press, 2015), pp. 459–468
D. Aggarwal, Y. Dodis, S. Lovett. Non-malleable codes from additive combinatorics, in D.B. Shmoys, editor, 46th ACM STOC (ACM Press, 2014), pp. 774–783
D. Aggarwal, S. Dziembowski, T. Kazana, M. Obremski. Leakage-resilient non-malleable codes, in Y. Dodis, J.B. Nielsen, editors, TCC 2015, Part I. LNCS, vol. 9014 (Springer, Heidelberg, 2015), pp. 398–426
D. Aggarwal, T. Kazana, M. Obremski. Inception makes non-malleable codes stronger. IACR Cryptol. ePrint Arch. 2015, 1013 (2015)
D. Agrawal, B. Archambeault, J.R. Rao, P. Rohatgi. The EM side-channel(s), in B.S. Kaliski Jr., Ç.K. Koç, C. Paar, editors, CHES 2002. LNCS, vol. 2523 (Springer, Heidelberg, 2003), pp. 29–45
S. Agrawal, D. Gupta, H.K. Maji, O. Pandey, M. Prabhakaran. Explicit non-malleable codes against bit-wise tampering and permutations, in R. Gennaro, M.J.B. Robshaw, editors, CRYPTO 2015, Part I. LNCS, vol. 9215 (Springer, Heidelberg, 2015), pp. 538–557
S. Agrawal, D. Gupta, H.K. Maji, O. Pandey, M. Prabhakaran. A rate-optimizing compiler for non-malleable codes against bit-wise tampering and permutations, in Y. Dodis, J.B. Nielsen, editors, TCC 2015, Part I. LNCS, vol. 9014 (Springer, Heidelberg, 2015), pp. 375–397
M. Bellare, C. Namprempre. Authenticated encryption: Relations among notions and analysis of the generic composition paradigm, in T. Okamoto, editor, ASIACRYPT 2000. LNCS, vol. 1976 (Springer, Heidelberg, 2000), pp. 531–545
M. Bellare, P. Rogaway. Encode-then-encipher encryption: How to exploit nonces or redundancy in plaintexts for efficient cryptography, in T. Okamoto, editor, ASIACRYPT 2000. LNCS, vol. 1976 (Springer, Heidelberg, 2000), pp. 317–330
E. Biham, A. Shamir. Differential fault analysis of secret key cryptosystems, in B.S. Kaliski Jr., editor, CRYPTO’97. LNCS, vol. 1294 (Springer, Heidelberg, 1997), pp. 513–525
D. Boneh, R.A. DeMillo, R.J. Lipton. On the importance of eliminating errors in cryptographic computations. J. Cryptol. 14(2), 101–119 (2001)
N. Chandran, B. Kanukurthi, R. Ostrovsky. Locally updatable and locally decodable codes, in Y. Lindell, editor, TCC 2014. LNCS, vol. 8349 (Springer, Heidelberg, 2014), pp. 489–514
N. Chandran, B. Kanukurthi, S. Raghuraman. Information-theoretic local non-malleable codes and their applications, in E. Kushilevitz, T. Malkin, editors, TCC 2016-A, Part II. LNCS, vol. 9563 (Springer, Heidelberg, 2016), pp. 367–392
M. Cheraghchi, V. Guruswami. Capacity of non-malleable codes, in M. Naor, editor, ITCS 2014 (ACM, 2014), pp. 155–168
M. Cheraghchi, V. Guruswami. Non-malleable coding against bit-wise and split-state tampering, in Y. Lindell, editor, TCC 2014. LNCS, vol. 8349 (Springer, Heidelberg, 2014), pp. 440–464
S.G. Choi, A. Kiayias, T. Malkin. BiTR: built-in tamper resilience, in D.H. Lee, X. Wang, editors, ASIACRYPT 2011. LNCS, vol. 7073 (Springer, Heidelberg, 2011), pp. 740–758
B. Chor, E. Kushilevitz, O. Goldreich, M. Sudan. Private information retrieval. J. ACM 45(6), 965–981 (1998)
S. Coretti, U. Maurer, B. Tackmann, D. Venturi. From single-bit to multi-bit public-key encryption via non-malleable codes, in Y. Dodis, J.B. Nielsen, editors, TCC 2015, Part I. LNCS, vol. 9014 (Springer, Heidelberg, 2015), pp. 532–560
D. Dachman-Soled, Y.T. Kalai. Securing circuits against constant-rate tampering, in R. Safavi-Naini, R. Canetti, editors, CRYPTO 2012. LNCS, vol. 7417 (Springer, Heidelberg, 2012), pp. 533–551
D. Dachman-Soled, Y.T. Kalai. Securing circuits and protocols against 1/poly(k) tampering rate, in Y. Lindell, editor, TCC 2014. LNCS, vol. 8349 (Springer, Heidelberg, 2014), pp. 540–565
I. Damgård, S. Faust, P. Mukherjee, D. Venturi. Bounded tamper resilience: how to go beyond the algebraic barrier, in K. Sako, P. Sarkar, editors, ASIACRYPT 2013, Part II. LNCS, vol. 8270 (Springer, Heidelberg, 2013), pp. 140–160
Y. Dodis, K. Pietrzak. Leakage-resilient pseudorandom functions and side-channel attacks on Feistel networks, in T. Rabin, editor, CRYPTO 2010. LNCS, vol. 6223 (Springer, Heidelberg, 2010), pp. 21–40
A. Duc, S. Dziembowski, S. Faust. Unifying leakage models: from probing attacks to noisy leakage, in P.Q. Nguyen, E. Oswald, editors, EUROCRYPT 2014. LNCS, vol. 8441 (Springer, Heidelberg, 2014), pp. 423–440
S. Dziembowski, S. Faust. Leakage-resilient cryptography from the inner-product extractor, in D.H. Lee, X. Wang, editors, ASIACRYPT 2011. LNCS, vol. 7073 (Springer, Heidelberg, 2011), pp. 702–721
S. Dziembowski, S. Faust. Leakage-resilient circuits without computational assumptions, in R. Cramer, editor, TCC 2012. LNCS, vol. 7194 (Springer, Heidelberg, 2012), pp. 230–247
S. Dziembowski, T. Kazana, M. Obremski. Non-malleable codes from two-source extractors, in R. Canetti, J.A. Garay, editors, CRYPTO 2013, Part II. LNCS, vol. 8043 (Springer, Heidelberg, 2013), pp. 239–257
S. Dziembowski, K. Pietrzak. Leakage-resilient cryptography, in 49th FOCS (IEEE Computer Society Press, 2008), pp. 293–302
S. Dziembowski, K. Pietrzak, D. Wichs. Non-malleable codes, in A. Chi-Chih Yao, editor, ICS 2010 (Tsinghua University Press, 2010), pp. 434–452
S. Faust, P. Mukherjee, J.B. Nielsen, D. Venturi. Continuous non-malleable codes, in Y. Lindell, editor, TCC 2014. LNCS, vol. 8349 (Springer, Heidelberg, 2014), pp. 465–488
S. Faust, P. Mukherjee, J.B. Nielsen, D. Venturi. A tamper and leakage resilient von Neumann architecture, in J. Katz, editor, PKC 2015. LNCS, vol. 9020 (Springer, Heidelberg, 2015), pp. 579–603
S. Faust, P. Mukherjee, D. Venturi, D. Wichs. Efficient non-malleable codes and key-derivation for poly-size tampering circuits, in P.Q. Nguyen, E. Oswald, editors, EUROCRYPT 2014. LNCS, vol. 8441 (Springer, Heidelberg, 2014), pp. 111–128
S. Faust, K. Pietrzak, D. Venturi. Tamper-proof circuits: how to trade leakage for tamper-resilience, in L. Aceto, M. Henzinger, J. Sgall, editors, ICALP 2011, Part I. LNCS, vol. 6755 (Springer, Heidelberg, 2011), pp. 391–402
S. Faust, T. Rabin, L. Reyzin, E. Tromer, V. Vaikuntanathan. Protecting circuits from leakage: the computationally-bounded and noisy cases, in H. Gilbert, editor, EUROCRYPT 2010. LNCS, vol. 6110 (Springer, Heidelberg, 2010), pp. 135–156
R. Gennaro, A. Lysyanskaya, T. Malkin, S. Micali, T. Rabin. Algorithmic tamper-proof (ATP) security: theoretical foundations for security against hardware tampering, in M. Naor, editor, TCC 2004. LNCS, vol. 2951 (Springer, Heidelberg, 2004), pp. 258–277
O. Goldreich, R. Ostrovsky. Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)
S. Goldwasser, G.N. Rothblum. Securing computation against continuous leakage, in T. Rabin, editor, CRYPTO 2010. LNCS, vol. 6223 (Springer, Heidelberg, 2010), pp. 59–79
S. Goldwasser, G.N. Rothblum. How to compute in the presence of leakage, in 53rd FOCS (IEEE Computer Society Press, 2012), pp. 31–40
J.A. Halderman, S.D. Schoen, N. Heninger, W. Clarkson, W. Paul, J.A. Calandrino, A.J. Feldman, J. Appelbaum, E.W. Felten. Lest we remember: cold boot attacks on encryption keys, in USENIX Security Symposium (2008), pp. 45–60
Y. Ishai, E. Kushilevitz. On the hardness of information-theoretic multiparty computation, in C. Cachin, J. Camenisch, editors, EUROCRYPT 2004. LNCS, vol. 3027 (Springer, Heidelberg, 2004), pp. 439–455
Y. Ishai, M. Prabhakaran, A. Sahai, D. Wagner. Private circuits II: keeping secrets in tamperable circuits, in S. Vaudenay, editor, EUROCRYPT 2006. LNCS, vol. 4004 (Springer, Heidelberg, 2006), pp. 308–327
Y. Ishai, A. Sahai, D. Wagner. Private circuits: securing hardware against probing attacks, in D. Boneh, editor, CRYPTO 2003. LNCS, vol. 2729 (Springer, Heidelberg, 2003), pp. 463–481
A. Juma, Y. Vahlis. Protecting cryptographic keys against continual leakage, in T. Rabin, editor, CRYPTO 2010. LNCS, vol. 6223 (Springer, Heidelberg, 2010), pp. 41–58
J. Katz, L. Trevisan. On the efficiency of local decoding procedures for error-correcting codes, in 32nd ACM STOC (ACM Press, 2000), pp. 80–86
J. Katz, M. Yung. Unforgeable encryption and chosen ciphertext secure modes of operation, in B. Schneier, editor, FSE 2000. LNCS, vol. 1978 (Springer, Heidelberg, 2001), pp. 284–299
A. Kiayias, Y. Tselekounis. Tamper resilient circuits: the adversary at the gates, in K. Sako, P. Sarkar, editors, ASIACRYPT 2013, Part II. LNCS, vol. 8270 (Springer, Heidelberg, 2013), pp. 161–180
P.C. Kocher. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems, in N. Koblitz, editor, CRYPTO’96. LNCS, vol. 1109 (Springer, Heidelberg, 1996), pp. 104–113
P.C. Kocher, J. Jaffe, B. Jun. Differential power analysis, in M.J. Wiener, editor, CRYPTO’99. LNCS, vol. 1666 (Springer, Heidelberg, 1999), pp. 388–397
D. Lie, C.A. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J.C. Mitchell, M. Horowitz. Architectural support for copy and tamper resistant software, in ASPLOS (2000), pp. 168–177
F.-H. Liu, A. Lysyanskaya. Tamper and leakage resilience in the split-state model, in R. Safavi-Naini, R. Canetti, editors, CRYPTO 2012. LNCS, vol. 7417 (Springer, Heidelberg, 2012), pp. 517–532
S. Micali, L. Reyzin. Physically observable cryptography (extended abstract), in M. Naor, editor, TCC 2004. LNCS, vol. 2951 (Springer, Heidelberg, 2004), pp. 278–296
K. Pietrzak. A leakage-resilient mode of operation, in A. Joux, editor, EUROCRYPT 2009. LNCS, vol. 5479 (Springer, Heidelberg, 2009), pp. 462–482
T. Ristenpart, E. Tromer, H. Shacham, S. Savage. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds, in E. Al-Shaer, S. Jha, A.D. Keromytis, editors, ACM CCS 09 (ACM Press, 2009), pp. 199–212
G.N. Rothblum. How to compute under \({{AC}}^{0}\) leakage without secure hardware, in R. Safavi-Naini, R. Canetti, editors, CRYPTO 2012. LNCS, vol. 7417 (Springer, Heidelberg, 2012), pp. 552–569
G.E. Suh, D.E. Clarke, B. Gassend, M. van Dijk, S. Devadas. AEGIS: architecture for tamper-evident and tamper-resistant processing, in Proceedings of the 17th Annual International Conference on Supercomputing, ICS 2003 (2003), pp. 160–171
A. Vasudevan, J.M. McCune, J. Newsome, A. Perrig, L. van Doorn. CARMA: a hardware tamper-resistant isolated execution environment on commodity x86 platforms, in H.Y. Youm, Y. Won, editors, ASIACCS 12 (ACM Press, 2012), pp. 48–49
S. Yekhanin. Locally decodable codes. Found. Trends Theor. Comput. Sci. 6(3), 139–255 (2012)
Acknowledgements
We thank Yevgeniy Dodis for helpful discussions.
Additional information
Communicated by Stefan Wolf.
Dana Dachman-Soled: Supported in part by NSF CAREER Award #CNS-1453045 and by a Ralph E. Powe Junior Faculty Enhancement Award.
Feng-Hao Liu: Supported in part by NSF award #CNS-1657040. This work was done while the author was a postdoctoral researcher at the University of Maryland.
Elaine Shi: Supported in part by NSF award #CNS-1601879, a Packard Fellowship, and a DARPA Safeware Grant (subcontractor under IBM). This work was done while the author was an assistant professor at the University of Maryland.
Hong-Sheng Zhou: Supported in part by NSF award #CNS-1801470.
Cite this article
Dachman-Soled, D., Liu, FH., Shi, E. et al. Locally Decodable and Updatable Non-malleable Codes and Their Applications. J Cryptol 33, 319–355 (2020). https://doi.org/10.1007/s00145-018-9306-z