On the Local Leakage Resilience of Linear Secret Sharing Schemes

  • Fabrice Benhamouda
  • Akshay Degwekar
  • Yuval Ishai
  • Tal Rabin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10991)

Abstract

We consider the following basic question: to what extent are standard secret sharing schemes and protocols for secure multiparty computation that build on them resilient to leakage? We focus on a simple local leakage model, where the adversary can apply an arbitrary function of a bounded output length to the secret state of each party, but cannot otherwise learn joint information about the states.

We show that additive secret sharing schemes and high-threshold instances of Shamir’s secret sharing scheme are secure under local leakage attacks when the underlying field is of a large prime order and the number of parties is sufficiently large. This should be contrasted with the fact that any linear secret sharing scheme over a small characteristic field is clearly insecure under local leakage attacks, regardless of the number of parties. Our results are obtained via tools from Fourier analysis and additive combinatorics.

We present two types of applications of the above results and techniques. As a positive application, we show that the “GMW protocol” for honest-but-curious parties, when implemented using shared products of random field elements (so-called “Beaver Triples”), is resilient in the local leakage model for sufficiently many parties and over certain fields. This holds even when the adversary has full access to a constant fraction of the views. As a negative application, we rule out multi-party variants of the share conversion scheme used in the 2-party homomorphic secret sharing scheme of Boyle et al. (Crypto 2016).
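The contrast drawn above (any linear scheme over a small-characteristic field is insecure under one-bit local leakage, while additive sharing over a prime field becomes resilient as the number of parties grows) can be measured directly for additive sharing. The following is an added example, not code from the paper: it enumerates every additive sharing of a secret, lets each party leak the least significant bit of its share, and computes the statistical distance between the leakage seen for secret 0 and for secret 1, i.e. the best advantage an adversary restricted to this leakage can have. The field sizes (GF(2^3) and F_7) and the choice of the LSB as the leakage function are assumptions made for the example.

```python
from itertools import product


def leakage_distribution(secret, n, sub, size):
    """Exact distribution of the n leaked bits (LSB of each share) over all
    additive sharings of `secret` among n parties.  Field elements are the
    integers 0..size-1; `sub(a, b)` is field subtraction, used to fix the
    last share so that the shares add up to `secret`."""
    counts = {}
    for partial in product(range(size), repeat=n - 1):
        last = secret
        for x in partial:
            last = sub(last, x)
        leaked = tuple(s & 1 for s in (*partial, last))  # one bit per party
        counts[leaked] = counts.get(leaked, 0) + 1
    total = size ** (n - 1)
    return {k: v / total for k, v in counts.items()}


def statistical_distance(d0, d1):
    """Best advantage of a distinguisher that sees only the leakage."""
    keys = set(d0) | set(d1)
    return sum(abs(d0.get(k, 0.0) - d1.get(k, 0.0)) for k in keys) / 2


def char2_distance(n, k=3):
    """GF(2^k) as k-bit strings (assumed representation): addition and
    subtraction are both XOR, so the XOR of the leaked LSBs always equals
    the LSB of the secret and secrets 0 and 1 are perfectly distinguished."""
    def xor(a, b):
        return a ^ b
    return statistical_distance(leakage_distribution(0, n, xor, 2 ** k),
                                leakage_distribution(1, n, xor, 2 ** k))


def prime_distance(n, p=7):
    """F_p in the usual representation 0..p-1: the LSB is not a linear map,
    and the distinguishing advantage shrinks as the number of parties grows."""
    def sub(a, b):
        return (a - b) % p
    return statistical_distance(leakage_distribution(0, n, sub, p),
                                leakage_distribution(1, n, sub, p))


if __name__ == "__main__":
    for n in (2, 3, 4, 5):
        print(f"n={n}: GF(2^3) {char2_distance(n):.3f}   F_7 {prime_distance(n):.3f}")
```

The characteristic-2 column stays at 1.0 for every n, which is the "regardless of the number of parties" statement from the abstract; the F_7 column starts at 4/7 for two parties and decreases as parties are added.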

Notes

Acknowledgements

We thank the Crypto reviewers for helpful comments.

The first and fourth authors were supported by the Defense Advanced Research Projects Agency (DARPA) and U.S. Army Research Office (ARO) under Contract No. W911NF-15-C-0236. The second author did some of the work when he was a summer intern at IBM Research. He was supported in part by NSF Grants CNS-1413920 and CNS-1350619, and by the Defense Advanced Research Projects Agency (DARPA) and the U.S. Army Research Office (ARO) under contracts W911NF-15-C-0226 and W911NF-15-C-0236. The third author was supported in part by ERC grant 742754, ISF grant 1709/14, NSF-BSF grant 2015782, and a grant from the Ministry of Science and Technology, Israel and Department of Science and Technology, Government of India.

References

  1. Akavia, A., Goldwasser, S., Vaikuntanathan, V.: Simultaneous hardcore bits and cryptography against memory attacks. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 474–495. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00457-5_28
  2. Araki, T., Furukawa, J., Lindell, Y., Nof, A., Ohara, K.: High-throughput semi-honest secure three-party computation with an honest majority. In: CCS (2016)
  3. Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_34
  4. Beimel, A., Ishai, Y., Kushilevitz, E., Orlov, I.: Share conversion and private information retrieval. In: CCC (2012)
  5. Ben-Or, M., Coppersmith, D., Luby, M., Rubinfeld, R.: Non-abelian homomorphism testing, and distributions close to their self-convolutions. Random Struct. Algorithms (2008)
  6. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: STOC (1988)
  7. Bitansky, N., Dachman-Soled, D., Lin, H.: Leakage-tolerant computation with input-independent preprocessing. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 146–163. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44381-1_9
  8. Blakley, G.: Safeguarding cryptographic keys. In: AFIPS National Computer Conference (1979)
  9. Blum, M., Luby, M., Rubinfeld, R.: Self-testing/correcting with applications to numerical problems. J. Comput. Syst. Sci. 47, 549–595 (1993)
  10. Bogdanov, A., Ishai, Y., Viola, E., Williamson, C.: Bounded indistinguishability and the complexity of recovering secrets. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part III. LNCS, vol. 9816, pp. 593–618. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53015-3_21
  11. Boyle, E., Gilboa, N., Ishai, Y.: Breaking the circuit size barrier for secure computation under DDH. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 509–539. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_19
  12. Boyle, E., Goldwasser, S., Kalai, Y.T.: Leakage-resilient coin tossing. In: Peleg, D. (ed.) DISC 2011. LNCS, vol. 6950, pp. 181–196. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24100-0_16
  13. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 462–462. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-48184-2_43
  14. Cramer, R., Damgård, I., Ishai, Y.: Share conversion, pseudorandom secret-sharing and applications to secure computation. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 342–362. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30576-7_19
  15. Dachman-Soled, D., Liu, F., Zhou, H.: Leakage-resilient circuits revisited – optimal number of computing components without leak-free hardware. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 131–158. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_5
  16. Damgård, I., Pastro, V., Smart, N.P., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_38
  17. Dodis, Y., Halevi, S., Rothblum, R.D., Wichs, D.: Spooky encryption and its applications. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part III. LNCS, vol. 9816, pp. 93–122. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53015-3_4
  18. Duc, A., Dziembowski, S., Faust, S.: Unifying leakage models: from probing attacks to noisy leakage. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 423–440. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_24
  19. Dziembowski, S., Faust, S.: Leakage-resilient circuits without computational assumptions. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 230–247. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28914-9_13
  20. Dziembowski, S., Pietrzak, K.: Intrusion-resilient secret sharing. In: FOCS (2007)
  21. Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: FOCS (2008)
  22. Faust, S., Rabin, T., Reyzin, L., Tromer, E., Vaikuntanathan, V.: Protecting circuits from leakage: the computationally-bounded and noisy cases. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 135–156. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_7
  23. Fazio, N., Gennaro, R., Jafarikhah, T., Skeith III, W.E.: Homomorphic secret sharing from Paillier encryption. In: Okamoto, T., Yu, Y., Au, M.H., Li, Y. (eds.) ProvSec 2017. LNCS, vol. 10592, pp. 381–399. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-68637-0_23
  24. Genkin, D., Ishai, Y., Weiss, M.: How to construct a leakage-resilient (stateless) trusted party. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10678, pp. 209–244. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70503-3_7
  25. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: STOC 1987 (1987)
  26. Goldwasser, S., Rothblum, G.N.: How to compute in the presence of leakage. SICOMP (2015). https://doi.org/10.1137/130931461
  27. Gowers, W.T.: A new proof of Szemerédi’s theorem. Geom. Funct. Anal. 11, 465–588 (2001)
  28. Gowers, W.T., Wolf, J.: The true complexity of a system of linear equations. Proc. London Math. Soc. 100, 155–176 (2010)
  29. Gowers, W.T., Wolf, J.: Linear forms and higher-degree uniformity for functions on \( \mathbb{F}_p^n \). Geom. Funct. Anal. 21, 36–39 (2011)
  30. Gowers, W.T., Wolf, J.: Linear forms and quadratic uniformity for functions on \( \mathbb{F}_p^n \). Mathematika 57, 215–237 (2011)
  31. Goyal, V., Ishai, Y., Maji, H.K., Sahai, A., Sherstov, A.A.: Bounded-communication leakage resilience via parity-resilient circuits. In: FOCS (2016)
  32. Green, B.: Montréal notes on quadratic Fourier analysis. Add. Comb. 43, 69–102 (2007)
  33. Green, B., Tao, T.: Linear equations in primes. Ann. Math. 171, 1753–1850 (2010)
  34. Guruswami, V., Wootters, M.: Repairing Reed-Solomon codes. IEEE Trans. Inf. Theory 63, 5684–5698 (2017)
  35. Ishai, Y., Sahai, A., Wagner, D.A.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_27
  36. Keller, M., Orsini, E., Scholl, P.: MASCOT: faster malicious arithmetic secure computation with oblivious transfer. In: CCS (2016)
  37. Kiltz, E., Pietrzak, K.: Leakage resilient ElGamal encryption. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 595–612. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17373-8_34
  38. Kocher, P., Genkin, D., Gruss, D., Haas, W., Hamburg, M., Lipp, M., Mangard, S., Prescher, T., Schwarz, M., Yarom, Y.: Spectre attacks: exploiting speculative execution. ArXiv e-prints, January 2018
  39. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996). https://doi.org/10.1007/3-540-68697-5_9
  40. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48405-1_25
  41. Lipp, M., Schwarz, M., Gruss, D., Prescher, T., Haas, W., Mangard, S., Kocher, P., Genkin, D., Yarom, Y., Hamburg, M.: Meltdown. ArXiv e-prints
  42. Micali, S., Reyzin, L.: Physically observable cryptography. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 278–296. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24638-1_16
  43. Shamir, A.: How to share a secret. Commun. ACM 22, 612–613 (1979)
  44. Tao, T., Vu, V.H.: Additive Combinatorics. Cambridge University Press, Cambridge (2006)
  45. Yao, A.C.: How to generate and exchange secrets (extended abstract). In: FOCS (1986)

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  • Fabrice Benhamouda (1)
  • Akshay Degwekar (2)
  • Yuval Ishai (3)
  • Tal Rabin (1)

  1. IBM Research, Yorktown Heights, USA
  2. MIT, Cambridge, USA
  3. Technion, Haifa, Israel