Cryptographic Divergences: New Techniques and New Applications

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 12238)

Abstract

In recent years, several security proofs in cryptography have been significantly improved by replacing the statistical distance with alternative divergences. We continue this line of research at both the theoretical and the practical level. On the theory side, we propose a new cryptographic divergence with quirky properties. On the practical side, we propose new applications of alternative divergences: circuit-private FHE and prime number generators. More precisely, we provide the first formal security proof of the prime number generator PRIMEINC [8], and improve by an order of magnitude the efficiency of a prime number generator by Fouque and Tibouchi [16, 17] and of the washing machine technique by Ducas and Stehlé [15] for circuit-private FHE.
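The following is an added, self-contained illustration of the abstract's central point; it is example code written for this page, not code from the paper and not the paper's actual analysis of PRIMEINC. It models a PRIMEINC-style generator at toy scale (assumption: the start value is a uniform odd integer in [lo, hi] and the search steps by 2 until it hits a prime, with no bound on the number of steps, which is a simplification of the Brandt–Damgård algorithm [8]), computes its exact output distribution, and compares that distribution with the uniform distribution on the same primes using the statistical distance and the Rényi divergence. The last function applies the two standard "probability preservation" inequalities, the additive one for the statistical distance and the multiplicative one for the Rényi divergence as stated by Bai et al. [3, 4], to show why a divergence that only loses a multiplicative factor can give a meaningful bound where the statistical distance gives none.

```python
# Added example, not code from the paper: an exact, small-scale model of a
# PRIMEINC-style generator (start at a uniform odd integer in [lo, hi], step
# by 2 until a prime is hit; assumption: no bound on the number of steps, so
# the last start values may overshoot hi) and a comparison of its output
# distribution with the uniform distribution on the same primes, using the
# statistical distance and the Rényi divergence.
from fractions import Fraction
from math import inf, isqrt


def is_prime(n):
    """Deterministic trial division; enough for the tiny ranges used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    for d in range(3, isqrt(n) + 1, 2):
        if n % d == 0:
            return False
    return True


def primeinc(start):
    """Incremental search: the first prime >= start (start is odd)."""
    x = start
    while not is_prime(x):
        x += 2
    return x


def primeinc_distribution(lo, hi):
    """Exact output distribution of the model: every odd start in [lo, hi]
    is equally likely and each start maps to the prime primeinc() returns.
    A prime p therefore gets weight proportional to the gap below it, which
    is exactly the bias a security proof has to absorb."""
    starts = [x for x in range(lo, hi + 1) if x % 2 == 1]
    dist = {}
    for x in starts:
        p = primeinc(x)
        dist[p] = dist.get(p, Fraction(0)) + Fraction(1, len(starts))
    return dist


def uniform_on(support):
    """Ideal distribution Q: uniform over the primes the generator can output."""
    return {p: Fraction(1, len(support)) for p in support}


def statistical_distance(P, Q):
    """Delta(P, Q) = 1/2 * sum_x |P(x) - Q(x)|, computed exactly."""
    keys = set(P) | set(Q)
    return sum(abs(P.get(x, 0) - Q.get(x, 0)) for x in keys) / 2


def renyi_divergence(P, Q, a):
    """R_a(P||Q) in the multiplicative (non-log) form used in security proofs:
    (sum_x P(x)^a / Q(x)^(a-1))^(1/(a-1)) for 1 < a < inf, and
    max_x P(x)/Q(x) for a = inf. Requires supp(P) to lie within supp(Q)."""
    if a == inf:
        return max(float(P[x] / Q[x]) for x in P)
    s = sum(float(P[x]) ** a / float(Q[x]) ** (a - 1) for x in P)
    return s ** (1.0 / (a - 1))


def event_probability_bounds(P, Q, q_event, a):
    """An event E (say, an adversary succeeding) has probability q_event under
    the ideal distribution Q. Bound its probability under the real
    distribution P in two ways:
      - additively, via the statistical distance:  P(E) <= Q(E) + Delta(P, Q)
      - multiplicatively, via Rényi probability preservation (Bai et al.):
            P(E) <= (Q(E) * R_a)^((a-1)/a)   for 1 < a < inf
            P(E) <= Q(E) * R_inf             for a = inf
    The additive bound is useless once Delta is large; the multiplicative
    one only loses a factor, which is the point of switching divergences."""
    sd_bound = q_event + float(statistical_distance(P, Q))
    r = renyi_divergence(P, Q, a)
    if a == inf:
        renyi_bound = q_event * r
    else:
        renyi_bound = (q_event * r) ** ((a - 1) / a)
    return sd_bound, renyi_bound


if __name__ == "__main__":
    P = primeinc_distribution(3, 19)          # constructed toy range
    Q = uniform_on(sorted(P))
    print("PRIMEINC output distribution:", {p: str(w) for p, w in sorted(P.items())})
    print("statistical distance:", statistical_distance(P, Q))
    for a in (2, 10, inf):
        print(f"R_{a}(P||Q) = {renyi_divergence(P, Q, a):.4f}")
    print("bounds on P(E) for Q(E) = 2^-20:",
          event_probability_bounds(P, Q, 2 ** -20, inf))
```

On the toy range [3, 19] the generator outputs 11 and 17 twice as often as the other primes, so the statistical distance to uniform is 10/63, far too large for an additive argument to say anything about a 2^-20 event, while R_inf is only 14/9 and the multiplicative bound keeps the event below 2^-19. Lower Rényi orders give a smaller factor but weaken the exponent, which is the trade-off the abstract's "optimized orders" references [39, 44] are about.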

Notes

Acknowledgements

The authors are indebted to Takahiro Matsuda and Shuichi Katsumata for their insightful discussions and for pointing out a flaw in an earlier version of the paper. Thomas Prest is supported by the Innovate UK Research Grant 104423 (PQ Cybersecurity).

References

  1. Agrawal, R., Chen, Y.-H., Horel, T., Vadhan, S.: Unifying computational entropies via Kullback–Leibler divergence. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 831–858. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26951-7_28
  2. Ali, S.M., Silvey, S.D.: A general class of coefficients of divergence of one distribution from another. J. Roy. Stat. Soc. Ser. B (Methodol.) 28(1), 131–142 (1966)
  3. Bai, S., Langlois, A., Lepoint, T., Stehlé, D., Steinfeld, R.: Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 3–24. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_1
  4. Bai, S., Lepoint, T., Roux-Langlois, A., Sakzad, A., Stehlé, D., Steinfeld, R.: Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance. J. Cryptol. 31(2), 610–640 (2018)
  5. Bernstein, D.J., et al.: Factoring RSA keys from certified smart cards: Coppersmith in the wild. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 341–360. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42045-0_18
  6. Bogdanov, A., Guo, S., Masny, D., Richelson, S., Rosen, A.: On the hardness of learning with rounding over small modulus. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9562, pp. 209–224. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49096-9_9
  7. Bourse, F., Del Pino, R., Minelli, M., Wee, H.: FHE circuit privacy almost for free. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 62–89. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_3
  8. Brandt, J., Damgård, I.: On generation of probable primes by incremental search. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 358–370. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_26
  9. Coppersmith, D.: Finding a small root of a bivariate integer equation; factoring with high bits known. In: Maurer [31], pp. 178–189
  10. Coppersmith, D.: Finding a small root of a univariate modular equation. In: Maurer [31], pp. 155–165
  11. Cramer, R., Shoup, V.: Signature schemes based on the strong RSA assumption. In: Motiwalla, J., Tsudik, G. (eds.) ACM CCS 99, pp. 46–51. ACM Press, November 1999
  12. Csiszár, I.: Eine informationstheoretische Ungleichung und ihre Anwendung auf den Beweis der Ergodizität von Markoffschen Ketten. Magyar Tud. Akad. Mat. Kutató Int. Közl. 8, 85–108 (1963)
  13. Dai, W., Hoang, V.T., Tessaro, S.: Information-theoretic indistinguishability via the chi-squared method. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 497–523. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63697-9_17
  14. Ducas, L., Lyubashevsky, V., Prest, T.: Efficient identity-based encryption over NTRU lattices. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 22–41. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45608-8_2
  15. Ducas, L., Stehlé, D.: Sanitization of FHE ciphertexts. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 294–310. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_12
  16. Fouque, P.-A., Tibouchi, M.: Close to uniform prime number generation with fewer random bits. In: Esparza, J., Fraigniaud, P., Husfeldt, T., Koutsoupias, E. (eds.) ICALP 2014. LNCS, vol. 8572, pp. 991–1002. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43948-7_82
  17. Fouque, P.-A., Tibouchi, M.: Close to uniform prime number generation with fewer random bits. IEEE Trans. Inf. Theor. 65(2), 1307–1317 (2019)
  18. Friedlander, J., Granville, A.: Limitations to the equi-distribution of primes I. Ann. Math. 129(2), 363–382 (1989)
  19. Gallagher, P.X.: On the distribution of primes in short intervals. Mathematika 23(1), 4–9 (1976)
  20. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) 41st ACM STOC, pp. 169–178. ACM Press, May/June 2009
  21. Gerchinovitz, S., Ménard, P., Stoltz, G.: Fano’s inequality for random variables (2017). https://arxiv.org/abs/1702.05985
  22. Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_27
  23. Hardy, G.H., Littlewood, J.E.: Some problems of ‘partitio numerorum’; III: On the expression of a number as a sum of primes. Acta Math. 44, 1–70 (1923)
  24. Heninger, N., Durumeric, Z., Wustrow, E., Halderman, J.A.: Mining your Ps and Qs: detection of widespread weak keys in network devices. In: Kohno, T. (ed.) USENIX Security 2012, pp. 205–220. USENIX Association, August 2012
  25. Joux, A.: Fully homomorphic encryption modulo Fermat numbers. Cryptology ePrint Archive, Report 2019/187 (2019). https://eprint.iacr.org/2019/187
  26. Langlois, A., Stehlé, D., Steinfeld, R.: GGHLite: more efficient multilinear maps from ideal lattices. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 239–256. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_14
  27. Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C.: Public keys. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 626–642. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_37
  28. Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C.: Ron was wrong, Whit is right. Cryptology ePrint Archive, Report 2012/064 (2012). http://eprint.iacr.org/2012/064
  29. Ling, S., Phan, D.H., Stehlé, D., Steinfeld, R.: Hardness of k-LWE and applications in traitor tracing. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 315–334. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_18
  30. Matsuda, T., Takahashi, K., Murakami, T., Hanaoka, G.: Improved security evaluation techniques for imperfect randomness from arbitrary distributions. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11442, pp. 549–580. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17253-4_19
  31. Maurer, U.M. (ed.): EUROCRYPT ’96. LNCS, vol. 1070. Springer, Heidelberg (1996)
  32. Micciancio, D., Walter, M.: Gaussian sampling over the integers: efficient, generic, constant-time. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 455–485. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63715-0_16
  33. Micciancio, D., Walter, M.: On the bit security of cryptographic primitives. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 3–28. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78381-9_1
  34. Mihailescu, P.: Fast generation of provable primes using search in arithmetic progressions. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 282–293. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_27
  35. Mironov, I.: Rényi differential privacy. In: Proceedings of the 30th IEEE Computer Security Foundations Symposium (2017). http://arxiv.org/abs/1702.07476
  36. Morimoto, T.: Markov processes and the H-theorem. J. Phys. Soc. Japan 18(3), 328–331 (1963)
  37. Nemec, M., Sýs, M., Svenda, P., Klinec, D., Matyas, V.: The return of Coppersmith’s attack: practical factorization of widely used RSA moduli. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1631–1648. ACM Press, October/November 2017
  38. Pöppelmann, T., Ducas, L., Güneysu, T.: Enhanced lattice-based signatures on reconfigurable hardware. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 353–370. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44709-3_20
  39. Prest, T.: Sharper bounds in lattice-based cryptography using the Rényi divergence. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 347–374. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_13
  40. Prest, T., Goudarzi, D., Martinelli, A., Passelègue, A.: Unifying leakage models on a Rényi day. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 683–712. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_24
  41. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. Assoc. Comput. Mach. 21(2), 120–126 (1978)
  42. Skórski, M.: Shannon entropy versus Rényi entropy from a cryptographic viewpoint. In: Groth, J. (ed.) IMACC 2015. LNCS, vol. 9496, pp. 257–274. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-27239-9_16
  43. Steinberger, J.: Improved security bounds for key-alternating ciphers via Hellinger distance. Cryptology ePrint Archive, Report 2012/481 (2012). http://eprint.iacr.org/2012/481
  44. Takashima, K., Takayasu, A.: Tighter security for efficient lattice cryptography via the Rényi divergence of optimized orders. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 412–431. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26059-4_23
  45. Vajda, I.: \(\chi^{\alpha}\)-divergence and generalized Fisher information. In: Transactions of the Sixth Prague Conference on Information Theory, Statistical Decision Functions and Random Processes, p. 223. Academia (1973)
  46. van Erven, T., Harremoës, P.: Rényi divergence and Kullback–Leibler divergence. IEEE Trans. Inf. Theor. 60(7), 3797–3820 (2014)

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. École Normale Supérieure, Paris, France
  2. PQShield, Oxford, UK
