Tamper and Leakage Resilience in the Split-State Model, 2011
Cited by 18 (3 self)
Abstract
It is notoriously difficult to create hardware that is immune from side-channel and tampering attacks. A lot of recent literature, therefore, has instead considered algorithmic defenses from such attacks. In this paper, we show how to algorithmically secure any cryptographic functionality from continual split-state leakage and tampering attacks. A split-state attack on cryptographic hardware is one that targets separate parts of the hardware separately. Our construction does not require the hardware to have access to randomness. In contrast, prior work on protecting from continual combined leakage and tampering [KKS11] required true randomness for each update. Our construction is in the common reference string (CRS) model; the CRS must be hardwired into the device. We note that prior negative results show that it is impossible to algorithmically secure a cryptographic functionality against a combination of arbitrary continual leakage and tampering attacks without true randomness; therefore restricting our attention to the split-state model is justified. Our construction is simple and modular, and relies on a new construction, in the CRS model, of non-malleable codes with respect to split-state tampering functions, which may be of independent interest.
Securing Circuits Against Constant-Rate Tampering
Cited by 1 (0 self)
Abstract
We present a compiler that converts any circuit into one that remains secure even if a constant fraction of its wires are tampered with. Following the seminal work of Ishai et al. (Eurocrypt 2006), we consider adversaries who may choose an arbitrary set of wires to corrupt, and may set each such wire to 0 or to 1, or may toggle with the wire. We prove that such adversaries, who continuously tamper with the circuit, can learn at most logarithmically many bits of secret information (in addition to black-box access to the circuit). Our results are information theoretic. Key words: side-channel attacks, tampering, circuit compiler, PCP of proximity
On the Impossibility of Cryptography with Tamperable Randomness, 2014
Abstract
We initiate a study of the security of cryptographic primitives in the presence of efficient tampering attacks to the randomness of honest parties. More precisely, we consider p-tampering attackers that may efficiently tamper with each bit of the honest parties' random tape with probability p, but have to do so in an "online" fashion. Our main result is a strong negative result: We show that any secure encryption scheme, bit commitment scheme, or zero-knowledge protocol can be "broken" with probability p by a p-tampering attacker. The core of this result is a new Fourier analytic technique for biasing the output of bounded-value functions, which may be of independent interest. We also show that this result cannot be extended to primitives such as signature schemes and identification protocols: assuming the existence of one-way functions, such primitives can
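The p-tampering model in the abstract above is easy to misread as "the attacker flips p of the bits": the attacker only gets to choose each bit with probability p, must commit to it before seeing later bits, and the honest party's remaining coins stay fair. The following is an added illustration (not code from the paper) of that model applied to a bounded-value function f of the random tape. It computes, by exhaustive backward induction over all 2^n tapes, the best an online p-tamperer can do, and samples tapes using that strategy. The exhaustive search is an assumption made for the sake of a small runnable demonstration; it is exponential in n, whereas the paper's point is that an efficient attacker achieves a comparable bias (via the Fourier technique the abstract mentions, which is not reproduced here). Function names and the sample functions `parity` and `majority` are this example's own.

```python
"""Online p-tampering against a bounded-value function f : {0,1}^n -> [-1, 1].

Added example; not the paper's construction. The attacker is the optimal
*online* tamperer for this toy model, found by backward induction (exponential
in n), so keep n small (n <= 14 or so).
"""
import random
from functools import lru_cache
from typing import Callable, Tuple

Tape = Tuple[int, ...]


def honest_expectation(f: Callable[[Tape], float], n: int) -> float:
    """E[f(r)] over a uniformly random n-bit tape r, with no tampering."""
    total = 0.0
    for x in range(1 << n):
        total += f(tuple((x >> i) & 1 for i in range(n)))
    return total / (1 << n)


def optimal_online_tamperer(f: Callable[[Tape], float], n: int, p: float):
    """Return (value, choose).

    value(prefix): expected final f when bits beyond `prefix` are generated
                   under the p-tampering process with an optimal attacker.
    choose(prefix): the bit the attacker writes when it is allowed to tamper
                    at this position; it sees only the already-fixed prefix
                    (the "online" restriction in the paper's model).
    """

    @lru_cache(maxsize=None)
    def value(prefix: Tape) -> float:
        if len(prefix) == n:
            return float(f(prefix))
        v0 = value(prefix + (0,))
        v1 = value(prefix + (1,))
        # With probability p this bit is attacker-chosen (take the better
        # branch); otherwise it is an honest fair coin (average the branches).
        return p * max(v0, v1) + (1 - p) * (v0 + v1) / 2

    def choose(prefix: Tape) -> int:
        return 1 if value(prefix + (1,)) > value(prefix + (0,)) else 0

    return value, choose


def tampered_expectation(f, n: int, p: float) -> float:
    """Exact E[f] of the tape produced by the optimal online p-tamperer."""
    value, _ = optimal_online_tamperer(f, n, p)
    return value(())


def tamper_bias(f, n: int, p: float) -> float:
    """How far the attacker shifts E[f] away from the honest distribution."""
    return tampered_expectation(f, n, p) - honest_expectation(f, n)


def sample_tampered_tape(f, n: int, p: float, rng: random.Random) -> Tape:
    """One run of the process: each position is attacker-chosen with
    probability p (decided online), else an honest fair coin."""
    _, choose = optimal_online_tamperer(f, n, p)
    tape: Tape = ()
    for _ in range(n):
        if rng.random() < p:
            tape += (choose(tape),)
        else:
            tape += (rng.getrandbits(1),)
    return tape


def estimate_tampered_mean(f, n: int, p: float, trials: int, seed: int) -> float:
    """Monte Carlo check of tampered_expectation using sampled tapes."""
    rng = random.Random(seed)  # fixed seed: constructed, reproducible input
    return sum(f(sample_tampered_tape(f, n, p, rng)) for _ in range(trials)) / trials


def parity(r: Tape) -> float:
    """+1 if the tape has an even number of ones, else -1 (mean 0 honestly)."""
    return 1.0 if sum(r) % 2 == 0 else -1.0


def majority(r: Tape) -> float:
    """+1 if more than half the bits are one, else -1."""
    return 1.0 if 2 * sum(r) > len(r) else -1.0


if __name__ == "__main__":
    n, p = 6, 0.25
    for name, f in (("parity", parity), ("majority", majority)):
        print(f"{name:8s} honest={honest_expectation(f, n):+.4f} "
              f"tampered={tampered_expectation(f, n, p):+.4f} "
              f"bias={tamper_bias(f, n, p):+.4f} "
              f"mc={estimate_tampered_mean(f, n, p, 4000, seed=1):+.4f}")
```

For parity the optimal online tamperer biases the mean by exactly p (the last attacker-chosen bit decides the output, and every earlier position is worthless), which matches the "broken with probability p" flavour of the abstract; for a constant f the bias is zero, since there is nothing to steer. The exact value and the Monte Carlo estimate should agree to within sampling error.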
Tamper Resilient Circuits: The Adversary at the Gates
Abstract
We initiate the investigation of gate-tampering attacks against cryptographic circuits. Our model is motivated by the plausibility of tampering directly with circuit gates and by the increasing use of tamper resilient gates among the known constructions that are shown to be resilient against wire-tampering adversaries. We prove that gate-tampering is strictly stronger than wire-tampering. On the one hand, we show that there is a gate-tampering strategy that perfectly simulates any given wire-tampering strategy. On the other, we construct families of circuits over which it is impossible for any wire-tampering attacker to simulate a certain gate-tampering attack (that we explicitly construct). We also provide a tamper resilience impossibility result that applies to both gate and wire tampering adversaries and relates the amount of tampering to the depth of the circuit. Finally, we show that defending against gate-tampering attacks is feasible by appropriately abstracting and analyzing the circuit compiler of Ishai et al. [IPSW06] in a manner which may be of independent interest. Specifically, we first introduce a class of compilers that, assuming certain well defined tamper resilience characteristics against a specific class of attackers, can be shown to produce tamper resilient circuits against that same class of attackers. Then, we describe a compiler in this class for which we prove that it possesses the necessary tamper-resilience characteristics against gate-tampering attackers.