Advertisement

Leakage-Resilient Cryptography from Puncturable Primitives and Obfuscation

  • Yu Chen
  • Yuyu WangEmail author
  • Hong-Sheng Zhou
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11273)

Abstract

In this work, we develop a framework for building leakage-resilient cryptosystems in the bounded leakage model from puncturable primitives and indistinguishability obfuscation (\(i\mathcal {O}\)). The major insight of our work is that various types of puncturable pseudorandom functions (PRFs) can achieve leakage resilience on an obfuscated street.

First, we build leakage-resilient weak PRFs from weak puncturable PRFs and \(i\mathcal {O}\), which readily imply leakage-resilient secret-key encryption. Then, we build leakage-resilient publicly evaluable PRFs (PEPRFs) from puncturable PEPRFs and \(i\mathcal {O}\), which readily imply leakage-resilient key encapsulation mechanism and thus public-key encryption. As a building block of independent interest, we realize puncturable PEPRFs from either newly introduced puncturable objects such as puncturable trapdoor functions and puncturable extractable hash proof systems or existing puncturable PRFs with \(i\mathcal {O}\). Finally, we construct the first leakage-resilient public-coin signature from selective puncturable PRFs, leakage-resilient one-way functions and \(i\mathcal {O}\). This settles the open problem posed by Boyle, Segev, and Wichs (Eurocrypt 2011).

By further assuming the existence of lossy functions, all the above constructions achieve optimal leakage rate of \(1 - o(1)\). Such a leakage rate is not known to be achievable for weak PRFs, PEPRFs and public-coin signatures before. This also resolves the open problem posed by Dachman-Soled, Gordon, Liu, O’Neill, and Zhou (PKC 2016, JOC 2018).

Notes

Acknowledgments

We thank the anonymous reviewers of Asiacrypt 2018 for their helpful comments. The first author is supported by National Natural Science Foundation of China (Grant No. 61772522), Youth Innovation Promotion Association CAS, Key Research Program of Frontier Sciences, CAS (Grant No. QYZDB-SSW-SYS035). The second author is partially supported by Nomura Research Institute, JST CREST JPMJCR14D6, JST OPERA. The third author is partially supported by NSF grant 1801470.

References

  1. [ADN+10]
    Alwen, J., Dodis, Y., Naor, M., Segev, G., Walfish, S., Wichs, D.: Public-key encryption in the bounded-retrieval model. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 113–134. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13190-5_6CrossRefzbMATHGoogle Scholar
  2. [ADW09]
    Alwen, J., Dodis, Y., Wichs, D.: Leakage-resilient public-key cryptography in the bounded-retrieval model. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 36–54. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03356-8_3CrossRefzbMATHGoogle Scholar
  3. [AGV09]
    Akavia, A., Goldwasser, S., Vaikuntanathan, V.: Simultaneous hardcore bits and cryptography against memory attacks. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 474–495. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-00457-5_28CrossRefzbMATHGoogle Scholar
  4. [BCH12]
    Bitansky, N., Canetti, R., Halevi, S.: Leakage-tolerant interactive protocols. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 266–284. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-28914-9_15CrossRefGoogle Scholar
  5. [BDL97]
    Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997).  https://doi.org/10.1007/3-540-69053-0_4CrossRefGoogle Scholar
  6. [BG10]
    Brakerski, Z., Goldwasser, S.: Circular and leakage resilient public-key encryption under subgroup indistinguishability - (or: quadratic residuosity strikes back). In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 1–20. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14623-7_1CrossRefGoogle Scholar
  7. [BGI+12]
    Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S.P., Yang, K.: On the (im)possibility of obfuscating programs. J. ACM 59(2), 6 (2012)MathSciNetCrossRefGoogle Scholar
  8. [BGI14]
    Boyle, E., Goldwasser, S., Ivan, I.: Functional signatures and pseudorandom functions. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 501–519. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-642-54631-0_29CrossRefGoogle Scholar
  9. [BK12]
    Brakerski, Z., Kalai, Y.T.: A parallel repetition theorem for leakage resilience. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 248–265. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-28914-9_14CrossRefGoogle Scholar
  10. [BKKV10]
    Brakerski, Z., Kalai, Y.T., Katz, J., Vaikuntanathan, V.: Overcoming the hole in the bucket: public-key cryptography resilient to continual memory leakage. In: FOCS, pp. 501–510 (2010)Google Scholar
  11. [BS97]
    Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997).  https://doi.org/10.1007/BFb0052259CrossRefGoogle Scholar
  12. [BSW11]
    Boyle, E., Segev, G., Wichs, D.: Fully leakage-resilient signatures. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 89–108. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-20465-4_7CrossRefGoogle Scholar
  13. [BSW16]
    Bellare, M., Stepanovs, I., Waters, B.: New negative results on differing-inputs obfuscation. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 792–821. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49896-5_28CrossRefGoogle Scholar
  14. [BW13]
    Boneh, D., Waters, B.: Constrained pseudorandom functions and their applications. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 280–300. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-42045-0_15CrossRefGoogle Scholar
  15. [CDRW10]
    Chow, S.S.M., Dodis, Y., Rouselakis, Y., Waters, B.: Practical leakage-resilient identity-based encryption from simple assumptions. In: ACM CCS, pp. 152–161 (2010)Google Scholar
  16. [CQX18]
    Chen, Y., Qin, B., Xue, H.: Regularly lossy functions and applications. In: Smart, N.P. (ed.) CT-RSA 2018. LNCS, vol. 10808, pp. 491–511. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-76953-0_26CrossRefGoogle Scholar
  17. [CS02]
    Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-46035-7_4CrossRefGoogle Scholar
  18. [CWZ18]
    Chen, Y., Wang, Y., Zhou, H.-S.: Leakage-resilient cryptography from puncturable primitives and obfuscation (2018). http://eprint.iacr.org/2018/781
  19. [CZ14]
    Chen, Y., Zhang, Z.: Publicly evaluable pseudorandom functions and their applications. In: Abdalla, M., De Prisco, R. (eds.) SCN 2014. LNCS, vol. 8642, pp. 115–134. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-10879-7_8CrossRefGoogle Scholar
  20. [DGK+10]
    Dodis, Y., Goldwasser, S., Kalai, Y.T., Peikert, C., Vaikuntanathan, V.: Public-key encryption schemes with auxiliary inputs. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 361–381. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-11799-2_22CrossRefGoogle Scholar
  21. [DGL+16]
    Dachman-Soled, D., Dov Gordon, S., Liu, F.-H., O’Neill, A., Zhou, H.-S.: Leakage-resilient public-key encryption from obfuscation. In: Cheng, C.-M., Chung, K.-M., Persiano, G., Yang, B.-Y. (eds.) PKC 2016, Part II. LNCS, vol. 9615, pp. 101–128. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49387-8_5CrossRefzbMATHGoogle Scholar
  22. [DHLAW10]
    Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Cryptography against continuous memory attacks. In: FOCS, pp. 511–520 (2010)Google Scholar
  23. [DHLW10]
    Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Efficient public-key cryptography in the presence of key leakage. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 613–631. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-17373-8_35CrossRefzbMATHGoogle Scholar
  24. [DKL09]
    Dodis, Y., Kalai, Y.T., Lovett, S.: On cryptography with auxiliary input. In: STOC, pp. 621–630 (2009)Google Scholar
  25. [DY13]
    Dodis, Y., Yu, Y.: Overcoming weak expectations. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 1–22. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-36594-2_1CrossRefGoogle Scholar
  26. [GGH+13]
    Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: FOCS, pp. 40–49 (2013)Google Scholar
  27. [GGHW14]
    Garg, S., Gentry, C., Halevi, S., Wichs, D.: On the implausibility of differing-inputs obfuscation and extractable witness encryption with auxiliary input. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 518–535. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-44371-2_29CrossRefGoogle Scholar
  28. [GGM86]
    Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33(4), 792–807 (1986)MathSciNetCrossRefGoogle Scholar
  29. [GJS11]
    Garg, S., Jain, A., Sahai, A.: Leakage-resilient zero knowledge. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 297–315. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-22792-9_17CrossRefGoogle Scholar
  30. [GKPV10]
    Goldwasser, S., Kalai, Y.T., Peikert, C., Vaikuntanathan, V.: Robustness of the learning with errors assumption. In: ICS, pp. 230–240 (2010)Google Scholar
  31. [GM84]
    Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984)MathSciNetCrossRefGoogle Scholar
  32. [HL11]
    Halevi, S., Lin, H.: After-the-fact leakage in public-key encryption. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 107–124. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19571-6_8CrossRefGoogle Scholar
  33. [HLWW13]
    Hazay, C., López-Alt, A., Wee, H., Wichs, D.: Leakage-resilient cryptography from minimal assumptions. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 160–176. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-38348-9_10CrossRefGoogle Scholar
  34. [HSH+08]
    Alex Halderman, J., et al.: Lest we remember: cold boot attacks on encryption keys. In: USENIX Security Symposium, pp. 45–60 (2008)Google Scholar
  35. [HW09]
    Hohenberger, S., Waters, B.: Short and stateless signatures from the RSA assumption. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 654–670. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03356-8_38CrossRefGoogle Scholar
  36. [IPS15]
    Ishai, Y., Pandey, O., Sahai, A.: Public-coin differing-inputs obfuscation and its applications. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part II. LNCS, vol. 9015, pp. 668–697. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46497-7_26CrossRefGoogle Scholar
  37. [KJJ99]
    Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48405-1_25CrossRefGoogle Scholar
  38. [KMO10]
    Kiltz, E., Mohassel, P., O’Neill, A.: Adaptive trapdoor functions and chosen-ciphertext security. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 673–692. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13190-5_34CrossRefGoogle Scholar
  39. [Koc96]
    Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-68697-5_9CrossRefGoogle Scholar
  40. [Kom16]
    Komargodski, I.: Leakage resilient one-way functions: the auxiliary-input setting. In: Hirt, M., Smith, A. (eds.) TCC 2016, Part I. LNCS, vol. 9985, pp. 139–158. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53641-4_6CrossRefGoogle Scholar
  41. [KPTZ13]
    Kiayias, A., Papadopoulos, S., Triandopoulos, N., Zacharias, T.: Delegatable pseudorandom functions and applications. In: ACM CCS, pp. 669–684 (2013)Google Scholar
  42. [KV09]
    Katz, J., Vaikuntanathan, V.: Signature schemes with bounded leakage resilience. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 703–720. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-10366-7_41CrossRefGoogle Scholar
  43. [LLW11]
    Lewko, A.B., Lewko, M., Waters, B.: How to leak on key updates. In: STOC, pp. 725–734 (2011)Google Scholar
  44. [LRW11]
    Lewko, A., Rouselakis, Y., Waters, B.: Achieving leakage resilience through dual system encryption. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 70–88. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19571-6_6CrossRefGoogle Scholar
  45. [LWZ13]
    Liu, S., Weng, J., Zhao, Y.: Efficient public key cryptosystem resilient to key leakage chosen ciphertext attacks. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 84–100. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-36095-4_6CrossRefGoogle Scholar
  46. [MH15]
    Matsuda, T., Hanaoka, G.: Constructing and understanding chosen ciphertext security via puncturable key encapsulation mechanisms. In: Dodis, Y., Nielsen, J.B. (eds.) TCC 2015, Part I. LNCS, vol. 9014, pp. 561–590. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-46494-6_23CrossRefGoogle Scholar
  47. [MR04]
    Micali, S., Reyzin, L.: Physically observable cryptography (extended abstract). In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 278–296. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-24638-1_16CrossRefzbMATHGoogle Scholar
  48. [MTVY11]
    Malkin, T., Teranishi, I., Vahlis, Y., Yung, M.: Signatures resilient to continual leakage on memory and computation. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 89–106. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19571-6_7CrossRefGoogle Scholar
  49. [NS09]
    Naor, M., Segev, G.: Public-key cryptosystems resilient to key leakage. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 18–35. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03356-8_2CrossRefGoogle Scholar
  50. [Pie09]
    Pietrzak, K.: A leakage-resilient mode of operation. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 462–482. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-01001-9_27CrossRefGoogle Scholar
  51. [PW08]
    Peikert, C., Waters, B.: Lossy trapdoor functions and their applications. In: STOC, pp. 187–196 (2008)Google Scholar
  52. [QL13]
    Qin, B., Liu, S.: Leakage-resilient chosen-ciphertext secure public-key encryption from hash proof system and one-time lossy filter. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 381–400. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-42045-0_20CrossRefGoogle Scholar
  53. [QL14]
    Qin, B., Liu, S.: Leakage-flexible cca-secure public-key encryption: simple construction and free of pairing. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 19–36. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-642-54631-0_2CrossRefGoogle Scholar
  54. [Reg05]
    Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: STOC, pp. 84–93 (2005)Google Scholar
  55. [RS09]
    Rosen, A., Segev, G.: Chosen-ciphertext security via correlated products. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 419–436. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-00457-5_25CrossRefGoogle Scholar
  56. [RW14]
    Ramchen, K., Waters, B.: Fully secure and fast signing from obfuscation. In: ACM CCS, pp. 659–673 (2014)Google Scholar
  57. [SW14]
    Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: STOC, pp. 475–484 (2014)Google Scholar
  58. [Wee10]
    Wee, H.: Efficient chosen-ciphertext security via extractable hash proofs. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 314–332. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14623-7_17CrossRefGoogle Scholar
  59. [Wic13]
    Wichs, D.: Barriers in cryptography with weak, correlated and leaky sources. In: Innovations in Theoretical Computer Science, ITCS, pp. 111–126 (2013)Google Scholar
  60. [WMHT16]
    Wang, Y., Matsuda, T., Hanaoka, G., Tanaka, K.: Signatures resilient to uninvertible leakage. In: Zikas, V., De Prisco, R. (eds.) SCN 2016. LNCS, vol. 9841, pp. 372–390. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-44618-9_20CrossRefGoogle Scholar
  61. [YCZY12]
    Yuen, T.H., Chow, S.S.M., Zhang, Y., Yiu, S.M.: Identity-based encryption resilient to continual auxiliary leakage. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 117–134. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-29011-4_9CrossRefGoogle Scholar
  62. [YXZ+15]
    Yang, R., Xu, Q., Zhou, Y., Zhang, R., Hu, C., Yu, Z.: Updatable hash proof system and its applications. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015, Part I. LNCS, vol. 9326, pp. 266–285. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-24174-6_14CrossRefGoogle Scholar
  63. [Zha16]
    Zhandry, M.: The magic of ELFs. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 479–508. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53018-4_18CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  1. 1.State Key Laboratory of Information Security, Institute of Information EngineeringChinese Academy of SciencesBeijingChina
  2. 2.State Key Laboratory of CryptologyBeijingChina
  3. 3.School of Cyber SecurityUniversity of Chinese Academy of SciencesBeijingChina
  4. 4.Tokyo Institute of TechnologyTokyoJapan
  5. 5.IOHKHong KongChina
  6. 6.National Institute of Advanced Industrial Science and TechnologyTokyoJapan
  7. 7.Virginia Commonwealth UniversityRichmondUSA

Personalised recommendations