Tamper-Proof Circuits: How to Trade Leakage for Tamper-Resilience
Tampering attacks are cryptanalytic attacks on the implementation of cryptographic algorithms (e.g., smart cards), where an adversary introduces faults with the hope that the tampered device will reveal secret information. Inspired by the work of Ishai et al. [Eurocrypt’06], we propose a compiler that transforms any circuit into a new circuit with the same functionality, but which is resilient against a well-defined and powerful tampering adversary. More concretely, our transformed circuits remain secure even if the adversary can adaptively tamper with every wire in the circuit as long as the tampering fails with some probability δ > 0. This additional requirement is motivated by practical tampering attacks, where it is often difficult to guarantee the success of a specific attack.
Formally, we show that a q-query tampering attack against the transformed circuit can be “simulated” with only black-box access to the original circuit and log(q) bits of additional auxiliary information. Thus, if the implemented cryptographic scheme is secure against log(q) bits of leakage, then our implementation is tamper-proof in the above sense. Surprisingly, allowing for this small amount of information leakage allows for much more efficient compilers, which moreover do not require randomness during evaluation. Similar to earlier works our compiler requires small, stateless and computation-independent tamper-proof gadgets. Thus, our result can be interpreted as reducing the problem of shielding arbitrary complex computation to protecting simple components.
KeywordsSmart Card Signature Scheme Clock Cycle Security Parameter Secret State
Unable to display preview. Download preview PDF.
- 1.The full version of this paper will be posted on the Cryptology ePrint Archive, http://eprint.iacr.org/
- 4.Anderson, R., Kuhn, M.: Tamper resistance: a cautionary note. In: WOEC 1996, p. 1. USENIX Association, Berkeley (1996)Google Scholar
- 7.Dziembowski, S., Pietrzak, K., Wichs, D.: Non-malleable codes. In: ICS 2010, pp. 434–452 (2010)Google Scholar
- 17.Otto, M.: Fault Attacks and Countermeasures. PhD thesis, University of Paderborn, Germany (2006)Google Scholar