Skip to main content

Cryptographic Divergences: New Techniques and New Applications

  • Conference paper
  • First Online:
Security and Cryptography for Networks (SCN 2020)

Abstract

In the recent years, some security proofs in cryptography have known significant improvements by replacing the statistical distance with alternative divergences. We continue this line of research, both at a theoretical and practical level. On the theory side, we propose a new cryptographic divergence with quirky properties. On the practical side, we propose new applications of alternative divergences: circuit-private FHE and prime number generators. More precisely, we provide the first formal security proof of the prime number generator PRIMEINC   [8], and improve by an order of magnitude the efficiency of a prime number generator by Fouque and Tibouchi  [16, 17] and the washing machine technique by Ducas and Stehlé  [15] for circuit-private FHE.

M. Abboud—Most of this work was done while Marc Abboud was an intern at PQShield.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Typically, additional requirements are mandated, such as \((p + 1)\) and \((p - 1)\) having a large prime factor; but these can be added on top of the sampling procedure.

  2. 2.

    https://github.com/dlitz/pycrypto/blob/master/lib/Crypto/Util/number.py.

  3. 3.

    https://github.com/openssl/openssl/blob/master/crypto/bn/bn_prime.c.

  4. 4.

    The work of [7] requires no bootstrapping, but only applies to GSW-based schemes and is restricted to \(\text {NC}^1\).

  5. 5.

    Security-efficiency trade-offs have been presented in [8], and OpenSSL implements a variant of PRIMEINC.

  6. 6.

    This is true without loss of generality; even if more primes are generated and rejected if they fail some requirements (e.g. being safe primes), the adversary only has access to the product of exactly two outputs of the generator (p and q).

  7. 7.

    As stated in the preliminaries, this section will use Vinogradov’s notation, which is common in number theory: \((f \ll _s g) \Leftrightarrow (f =_s O(g))\).

  8. 8.

    One would find it odd that we are not using the proxy amplification property here but the computations we made showed that it wouldn’t give here a significantly better result than the amplification property for this application, so we chose not to complexify the computations done in the proof.

  9. 9.

    Alternatively, one can replace Q by \(\lambda Q\) in Theorem 4 and use Lemma 4; this results in a loss of O(1) bits of security and has a negligible effect on the parameters.

References

  1. Agrawal, R., Chen, Y.-H., Horel, T., Vadhan, S.: Unifying computational entropies via Kullback–Leibler divergence. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 831–858. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26951-7_28

    Chapter  Google Scholar 

  2. Ali, S.M., Silvey, S.D.: A general class of coefficients of divergence of one distribution from another. J. Roy. Stat. Soc. Ser. B (Methodol.) 28(1), 131–142 (1966)

    Google Scholar 

  3. Bai, S., Langlois, A., Lepoint, T., Stehlé, D., Steinfeld, R.: Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 3–24. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_1

    Chapter  MATH  Google Scholar 

  4. Bai, S., Lepoint, T., Roux-Langlois, A., Sakzad, A., Stehlé, D., Steinfeld, R.: Improved security proofs in lattice-based cryptography: using the Rényi divergence rather than the statistical distance. J. Cryptol. 31(2), 610–640 (2018)

    Article  Google Scholar 

  5. Bernstein, D.J., et al.: Factoring RSA keys from certified smart cards: coppersmith in the wild. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8270, pp. 341–360. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-42045-0_18

    Chapter  Google Scholar 

  6. Bogdanov, A., Guo, S., Masny, D., Richelson, S., Rosen, A.: On the hardness of learning with rounding over small modulus. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9562, pp. 209–224. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49096-9_9

    Chapter  MATH  Google Scholar 

  7. Bourse, F., Del Pino, R., Minelli, M., Wee, H.: FHE circuit privacy almost for free. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 62–89. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53008-5_3

    Chapter  Google Scholar 

  8. Brandt, J., Damgård, I.: On generation of probable primes by incremental search. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 358–370. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_26

    Chapter  Google Scholar 

  9. Coppersmith, D.: Finding a small root of a bivariate integer equation; factoring with high bits known. In: Maurer [31], pp. 178–189

    Google Scholar 

  10. Coppersmith, D.: Finding a small root of a univariate modular equation. In: Maurer [31], pp. 155–165

    Google Scholar 

  11. Cramer, R., Shoup, V.: Signature schemes based on the strong RSA assumption. In: Motiwalla, J., Tsudik, G. (eds.) ACM CCS 99, pp. 46–51. ACM Press, November 1999

    Google Scholar 

  12. Csiszár, I.: Eine informationstheoretische ungleichung und ihre anwendung auf den beweis der ergodizitat von markoffschen ketten. Magyar. Tud. Akad. Mat. Kutató Int. Közl, 8, 85–108 (1963)

    Google Scholar 

  13. Dai, W., Hoang, V.T., Tessaro, S.: Information-theoretic indistinguishability via the chi-squared method. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 497–523. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63697-9_17

    Chapter  Google Scholar 

  14. Ducas, L., Lyubashevsky, V., Prest, T.: Efficient identity-based encryption over NTRU lattices. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 22–41. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45608-8_2

    Chapter  Google Scholar 

  15. Ducas, L., Stehlé, D.: Sanitization of FHE ciphertexts. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 294–310. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_12

    Chapter  Google Scholar 

  16. Fouque, P.-A., Tibouchi, M.: Close to uniform prime number generation with fewer random bits. In: Esparza, J., Fraigniaud, P., Husfeldt, T., Koutsoupias, E. (eds.) ICALP 2014. LNCS, vol. 8572, pp. 991–1002. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43948-7_82

    Chapter  Google Scholar 

  17. Fouque, P.-A., Tibouchi, M.: Close to uniform prime number generation with fewer random bits. IEEE Trans. Inf. Theor. 65(2), 1307–1317 (2019)

    Article  MathSciNet  Google Scholar 

  18. Friedlander, J., Granville, A.: Limitations to the equi-distribution of primes I. Ann. Math. 129(2), 363–382 (1989)

    Article  MathSciNet  Google Scholar 

  19. Gallagher, P.X.: On the distribution of primes in short intervals. Mathematika 23(1), 4–9 (1976)

    Article  MathSciNet  Google Scholar 

  20. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) 41st ACM STOC, pp. 169–178. ACM Press, May/June 2009

    Google Scholar 

  21. Gerchinovitz, S., Ménard, P., Stoltz, G.: Fano’s inequality for random variables (2017). https://arxiv.org/abs/1702.05985

  22. Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual information analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85053-3_27

    Chapter  Google Scholar 

  23. Hardy, G.H., Littlewood, J.E.: Some problems of ‘partitio numerorum’; iii: On the expression of a number as a sum of primes. Acta Math. 44, 1–70 (1923)

    Article  MathSciNet  Google Scholar 

  24. Heninger, N., Durumeric, Z., Wustrow, E., Alex Halderman, J.: Mining your Ps and Qs: detection of widespread weak keys in network devices. In: Kohno, T. (ed.) USENIX Security 2012, pp. 205–220. USENIX Association, August 2012

    Google Scholar 

  25. Joux, A.: Fully homomorphic encryption modulo Fermat numbers. Cryptology ePrint Archive, Report 2019/187 (2019). https://eprint.iacr.org/2019/187

  26. Langlois, A., Stehlé, D., Steinfeld, R.: GGHLite: more efficient multilinear maps from ideal lattices. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 239–256. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_14

    Chapter  Google Scholar 

  27. Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C.: Public keys. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 626–642. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_37

    Chapter  Google Scholar 

  28. Lenstra, A.K., Hughes, J.P., Augier, M., Bos, J.W., Kleinjung, T., Wachter, C.: Ron was wrong, whit is right. Cryptology ePrint Archive, Report 2012/064 (2012). http://eprint.iacr.org/2012/064

  29. Ling, S., Phan, D.H., Stehlé, D., Steinfeld, R.: Hardness of k-LWE and applications in traitor tracing. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 315–334. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_18

    Chapter  MATH  Google Scholar 

  30. Matsuda, T., Takahashi, K., Murakami, T., Hanaoka, G.: Improved security evaluation techniques for imperfect randomness from arbitrary distributions. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11442, pp. 549–580. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17253-4_19

    Chapter  Google Scholar 

  31. Maurer, U.M. (ed.): EUROCRYPT ’96. LNCS, vol. 1070. Springer, Heidelberg (1996)

    MATH  Google Scholar 

  32. Micciancio, D., Walter, M.: Gaussian sampling over the integers: efficient, generic, constant-time. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10402, pp. 455–485. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63715-0_16

    Chapter  Google Scholar 

  33. Micciancio, D., Walter, M.: On the bit security of cryptographic primitives. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 3–28. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78381-9_1

    Chapter  Google Scholar 

  34. Mihailescu, P.: Fast generation of provable primes using search in arithmetic progressions. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 282–293. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_27

    Chapter  Google Scholar 

  35. Mironov, I.: Renyi differential privacy. In: Proceedings of 30th IEEE Computer Security Foundations Symposium (2017). http://arxiv.org/abs/1702.07476

  36. Morimoto, T.: Markov processes and the h-theorem. J. Phys. Soc. Japan 18(3), 328–331 (1963)

    Article  MathSciNet  Google Scholar 

  37. Nemec, M., Sýs, M., Svenda, P., Klinec, D., Matyas, V.: The return of coppersmith’s attack: practical factorization of widely used RSA moduli. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1631–1648. ACM Press, October/November 2017

    Google Scholar 

  38. Pöppelmann, T., Ducas, L., Güneysu, T.: Enhanced lattice-based signatures on reconfigurable hardware. In: Batina, L., Robshaw, M. (eds.) CHES 2014. LNCS, vol. 8731, pp. 353–370. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44709-3_20

    Chapter  MATH  Google Scholar 

  39. Prest, T.: Sharper bounds in lattice-based cryptography using the Rényi divergence. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 347–374. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_13

    Chapter  Google Scholar 

  40. Prest, T., Goudarzi, D., Martinelli, A., Passelègue, A.: Unifying leakage models on a Rényi day. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 683–712. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_24

    Chapter  Google Scholar 

  41. Rivest, R.L., Shamir, A., Adleman, L.M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. Assoc. Comput. Mach. 21(2), 120–126 (1978)

    MathSciNet  MATH  Google Scholar 

  42. Skórski, M.: Shannon entropy versus Renyi entropy from a cryptographic viewpoint. In: Groth, J. (ed.) IMACC 2015. LNCS, vol. 9496, pp. 257–274. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-27239-9_16

    Chapter  Google Scholar 

  43. Steinberger, J.: Improved security bounds for key-alternating ciphers via hellinger distance. Cryptology ePrint Archive, Report 2012/481 (2012). http://eprint.iacr.org/2012/481

  44. Takashima, K., Takayasu, A.: Tighter security for efficient lattice cryptography via the Rényi divergence of optimized orders. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 412–431. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26059-4_23

    Chapter  MATH  Google Scholar 

  45. Vajda, I.: \(\chi \)\(\alpha \)-divergence and generalized fisher information. In: Transactions of the Sixth Prague Conference on Information Theory, Statistical Decision Functions and Random Processes, p. 223. Academia (1973)

    Google Scholar 

  46. van Erven, T., Harremoës, P.: Rényi divergence and Kullback-Leibler divergence. IEEE Trans. Inf. Theor. 60(7), 3797–3820 (2014)

    Article  Google Scholar 

Download references

Acknowledgements

The authors are indebted to Takahiro Matsuda and Shuichi Katsumata for their insightful discussions and for pointing out a flaw in an earlier version of the paper. Thomas Prest is supported by the Innovate UK Research Grant 104423 (PQ Cybersecurity).

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Marc Abboud or Thomas Prest .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Abboud, M., Prest, T. (2020). Cryptographic Divergences: New Techniques and New Applications. In: Galdi, C., Kolesnikov, V. (eds) Security and Cryptography for Networks. SCN 2020. Lecture Notes in Computer Science(), vol 12238. Springer, Cham. https://doi.org/10.1007/978-3-030-57990-6_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-57990-6_24

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-57989-0

  • Online ISBN: 978-3-030-57990-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics