Abstract
Analysis of various card-shuffles – finding its mixing-time is an old mathematical problem. The results show that e.g., it takes \(\mathcal {O}(\log n)\) riffle-shuffles (Aldous and Diaconis, American Mathematical Monthly, 1986) to shuffle a deck of n cards while one needs to perform \(\varTheta (n \log n)\) steps via cyclic to random shuffle (Mossel et al., FOCS, 2004).
Algorithms for generating pseudo-random permutations play a major role in cryptography. Oblivious card shuffles can be seen as block ciphers (and e.g., may be used for format-preserving encryption) while non-oblivious card shuffles often are a building block for cryptographic primitives (e.g., Spritz, RC4).
Unfortunately, all results about the mixing times of card shuffling algorithms are in the black-box model. The model does not capture real-world capabilities of adversaries who may be able to e.g., obtain some information about the randomness used during the shuffling. In this paper we investigate the impact on the mixing time of the riffle shuffle by an adversary who is able to eavesdrop some portion of the random bits used by the process. More precisely: assuming that each bit of the randomness leaks independently with probability p we show that whenever RiffleSST performs \(r = \log _{2\over 2-(1-p)^2} {n\atopwithdelims ()2} + \log _{2\over 2-(1-p)^2} \left( \frac{1}{\varepsilon n!}\right) \) steps, it cannot be distinguished from a permutation selected uniformly at random with the advantage larger than \(\varepsilon \).
Authors were supported by Polish National Science Centre contract number DEC-2013/10/E/ST1/00359.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Albrecht, M.R., Paterson, K.G.: Lucky microseconds: a timing attack on Amazon’s s2n implementation of TLS. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9665, pp. 622–643. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49890-3_24
Aldous, D., Diaconis, P.: Shuffling cards and stopping times. Am. Math. Mon. 93(5), 333–348 (1986)
Aldous, D., Diaconis, P.: Strong uniform times and finite random walks. Adv. Appl. Math. 97, 69–97 (1987)
Diaconis, P., Shahshahani, M.: Generating a random permutation with random transpositions. Zeitschrift fur Wahrscheinlichkeitstheorie und Verwandte Gebiete 57(2), 159–179 (1981)
Genkin, D., Pachmanov, L., Pipman, I., Tromer, E.: Stealing keys from PCs using a radio: cheap electromagnetic attacks on windowed exponentiation. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 207–228. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48324-4_11
Genkin, D., Shamir, A., Tromer, E.: RSA key extraction via low-bandwidth acoustic cryptanalysis. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8616, pp. 444–461. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44371-2_25
Gomułkiewicz, M., Klonowski, M., Kutyłowski, M.: Rapid mixing and security of Chaum’s visual electronic voting. In: Snekkenes, E., Gollmann, D. (eds.) ESORICS 2003. LNCS, vol. 2808, pp. 132–145. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-39650-5_8
Hoang, V.T., Morris, B., Rogaway, P.: An enciphering scheme based on a card shuffle. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 1–13. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_1
Jakobsson, M., Juels, A., Rivest, R.: Making mix nets robust for electronic voting by randomized partial checking. In: USENIX Security Symposium (2002)
Krzywiecki, Ł., Kutyłowski, M., Misztela, H., Strumiński, T.: Private information retrieval with a trusted hardware unit – revisited. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS (LNAI and LNBI), vol. 6584, pp. 373–386. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21518-6_26
Kulis, M., Lorek, P., Zagorski, F.: Randomized stopping times and provably secure pseudorandom permutation generators. In: Phan, R.C.-W., Yung, M. (eds.) Mycrypt 2016. LNCS, vol. 10311, pp. 145–167. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-61273-7_8
Lorek, P., Zagórski, F., Kulis, M.: Strong stationary times and its use in cryptography. IEEE Trans. Dependable Secure Comput. 1–14 (2017)
Mironov, I.: (Not so) Random shuffles of RC4. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 304–319. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45708-9_20
Morris, B., Rogaway, P., Stegers, T.: How to encipher messages on a small domain. Deterministic encryption and the thorp shuffle. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 286–302. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_17
Morris, B., Rogaway, P.: Sometimes-recurse shuffle. Almost-random permutations in logarithmic expected time. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 311–326. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_18
Naor, M., Reingold, O.: On the construction of pseudo-random permutations. In: Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing - STOC 1997, New York , USA, pp. 189–199. ACM Press (1997)
Ristenpart, T., Yilek, S.: The mix-and-cut shuffle: small-domain encryption secure against N queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 392–409. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_22
Schuldt, J.C.N., Rivest, R.L.: Spritz–a spongy RC4-like stream cipher and hash function. Technical report (2014)
Schindler, W., Lemke, K., Paar, C.: A stochastic model for differential side channel cryptanalysis. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 30–46. Springer, Heidelberg (2005). https://doi.org/10.1007/11545262_3
Standaert, F.-X., Pereira, O., Yu, Y.: Leakage-resilient symmetric cryptography under empirically verifiable assumptions. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS (LNAI and LNBI), vol. 8042, pp. 335–352. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_19
Standaert, F.-X., Pereira, O., Yu, Y., Quisquater, J.-J., Yung, M., Oswald, E.: Leakage resilient cryptography in practice. In: Sadeghi, A.R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security. ISC, pp. 99–134. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14452-3_5
Yang, Y., Ding, X., Deng, R.H., Bao, F.: An efficient PIR construction using trusted hardware. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 64–79. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85886-7_5
Yarom, Y., Genkin, D., Heninger, N.: CacheBleed: a timing attack on OpenSSL constant time RSA. In: Gierlichs, B., Poschmann, A.Y. (eds.) CHES 2016. LNCS, vol. 9813, pp. 346–367. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53140-2_17
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Lorek, P., Kulis, M., Zagórski, F. (2017). Leakage-Resilient Riffle Shuffle. In: Blömer, J., Kotsireas, I., Kutsia, T., Simos, D. (eds) Mathematical Aspects of Computer and Information Sciences. MACIS 2017. Lecture Notes in Computer Science(), vol 10693. Springer, Cham. https://doi.org/10.1007/978-3-319-72453-9_32
Download citation
DOI: https://doi.org/10.1007/978-3-319-72453-9_32
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-72452-2
Online ISBN: 978-3-319-72453-9
eBook Packages: Computer ScienceComputer Science (R0)