On Secure Embedded Token Design

Quasi-looped Yao Circuits and Bounded Leakage
  • Simon Hoerder
  • Kimmo Järvinen
  • Daniel Page
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7886)

Abstract

Within a broader context of mobile and embedded computing, the design of practical, secure tokens that can store and/or process security-critical information remains an ongoing challenge. One aspect of this challenge is the threat of information leakage through side-channel attacks, which is exacerbated by any resource constraints. Along these lines, this paper extends previous work on use of Yao circuits via two contributions. First, we show how careful analysis can fix the maximum number of leakage occurrences observed during a DPA attack, effectively bounding leakage from a Yao-based token. To achieve this we use modularised Yao circuits, which also support our second contribution: the first Yao-based implementation of a secure authentication payload, namely HMAC based on SHA-256.

References

  1. 1.
    Ben-David, A., Nisan, N., Pinkas, B.: FairplayMP - A Secure Multi-Party Computation System. In: CCS, pp. 257–266 (2008)Google Scholar
  2. 2.
    Boyar, J., Peralta, R.: A new combinational logic minimization technique with applications to cryptology. In: Festa, P. (ed.) SEA 2010. LNCS, vol. 6049, pp. 178–189. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  3. 3.
    Choi, S.G., Katz, J., Kumaresan, R., Zhou, H.-S.: On the Security of the “Free-XOR” Technique. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 39–53. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  4. 4.
    Gentry, C., Halevi, S., Vaikuntanathan, V.: i-Hop Homomorphic Encryption and Rerandomizable Yao Circuits. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 155–172. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  5. 5.
    Henecka, W., Kögl, S., Sadeghi, A.-R., Schneider, T., Wehrenberg, I.: TASTY: Tool for Automating Secure Two-partY computations. In: CCS, pp. 451–462 (2010)Google Scholar
  6. 6.
    Huang, Y., Evans, D., Katz, J., Malka, L.: Faster Secure Two-Party Computation Using Garbled Circuits. In: USENIX Security Symposium (2011)Google Scholar
  7. 7.
    Järvinen, K., Kolesnikov, V., Sadeghi, A.-R., Schneider, T.: Embedded SFE: Offloading Server and Network Using Hardware Tokens. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 207–221. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  8. 8.
    Järvinen, K., Kolesnikov, V., Sadeghi, A.-R., Schneider, T.: Garbled Circuits for Leakage-Resilience: Hardware Implementation and Evaluation of One-Time Programs. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 383–397. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  9. 9.
    Kocher, P., Lee, R., McGraw, G., Raghunathan, A., Ravi, S.: Security as a New Dimension in Embedded System Design. In: DAC, pp. 753–760 (2004)Google Scholar
  10. 10.
    Kocher, P.C., Jaffe, J., Jun, B.: Differential Power Analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  11. 11.
    Kolesnikov, V., Schneider, T.: Improved Garbled Circuit: Free XOR Gates and Applications. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 486–498. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  12. 12.
    Kreuter, B., Shelat, A., Shen, C.: Billion-gate secure computation with malicious adversaries. In: USENIX Security Symposium (2012)Google Scholar
  13. 13.
    Lindell, Y., Pinkas, B.: An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 52–78. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    Malka, L., Katz, J.: VMCrypt – Modular Software Architecture for Scalable Secure Computation. In: CCS, pp. 715–724 (2011)Google Scholar
  15. 15.
    Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay - A Secure Two-Party Computation System. In: USENIX Security Symposium, pp. 287–302 (2004)Google Scholar
  16. 16.
    Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer (2007)Google Scholar
  17. 17.
    Medwed, M., Petit, C., Regazzoni, F., Renauld, M., Standaert, F.-X.: Fresh re-keying II: Securing multiple parties against side-channel and fault attacks. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 115–132. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  18. 18.
    Medwed, M., Standaert, F.-X., Großschädl, J., Regazzoni, F.: Fresh re-keying: Security against side-channel and fault attacks for low-cost devices. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 279–296. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  19. 19.
    Naor, M., Pinkas, B., Sumner, R.: Privacy preserving auctions and mechanism design. In: Electronic Commerce, pp. 129–139 (1999)Google Scholar
  20. 20.
    National Institute of Standards and Technology (NIST). The Keyed-Hash Message Authentication Code (HMAC). Federal Information Processing Standards Publication 198-1 (July 2008)Google Scholar
  21. 21.
    Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure Two-Party Computation is Practical. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 250–267. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  22. 22.
    Popp, T., Kirschbaum, M., Zefferer, T., Mangard, S.: Evaluation of the Masked Logic Style MDPL on a Prototype Chip. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 81–94. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  23. 23.
    Ravi, S., Raghunathan, A., Kocher, P.C., Hattangady, S.: Security in Embedded Systems: Design Challenges. TECS 3(3), 461–491 (2004)CrossRefGoogle Scholar
  24. 24.
    Standaert, F.-X., Malkin, T.G., Yung, M.: A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 443–461. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  25. 25.
    Standaert, F.-X., Pereira, O., Yu, Y., Quisquater, J.-J., Yung, M., Oswald, E.: Leakage Resilient Cryptography in Practice. In: Towards Hardware-Intrinsic Security, pp. 99–134 (2010)Google Scholar
  26. 26.
    Tillich, S., Kirschbaum, M., Szekely, A.: Implementation and Evaluation of an SCA-Resistant Embedded Processor. In: Prouff, E. (ed.) CARDIS 2011. LNCS, vol. 7079, pp. 151–165. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  27. 27.
    Valgrind Project. Massif User Manual, http://valgrind.org/docs/manual/ms-manual.html
  28. 28.
    Yao, A.C.: Protocols for secure computations. In: Foundations of Computer Science, pp. 160–164 (1982)Google Scholar
  29. 29.
    Yao, A.C.: How to generate and exchange secrets. In: Foundations of Computer Science, pp. 162–167 (1986)Google Scholar
  30. 30.
    Yu, P., Schaumont, P.: Secure FPGA circuits using controlled placement and routing. In: CODES+ISSS, pp. 45–50 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Simon Hoerder
    • 1
  • Kimmo Järvinen
    • 2
  • Daniel Page
    • 1
  1. 1.Department of Computer ScienceUniversity of BristolBristolUK
  2. 2.Department of Information and Computer ScienceAalto UniversityAaltoFinland

Personalised recommendations