How Leaky Is an Extractor?

Author

  • François-Xavier Standaert

Abstract

This paper discusses the security of a leakage-resilient stream cipher presented at FOCS 2008, instantiated in a practical setting. Based on a case study, we put forward implementation weaknesses that can be exploited in a key-recovery attack. We first show that in our experimental context (8-bit device, Hamming weight leakages, Gaussian noise), a successful attack against the investigated stream cipher has lower data complexity than a similar attack against an unprotected AES implementation. We then analyze the origin of the observed weaknesses and relate them to the implementation of the extractor that is used in the investigated stream cipher. We finally discuss the implications of these results for the design of leakage-resilient primitives and provide guidelines to improve the construction of FOCS 2008 and its underlying components.


Similar resources

Study of leaky dielectric droplet behavior under an electric field: effect of viscosity and electric conductivity ratios

In this research, hydrodynamic behavior of a leaky dielectric droplet under an electric field is simulated. The level set method is used for interface tracking and the ghost fluid method is used for modeling discontinuous quantities at the interface. Using Taylor’s leaky dielectric model, the electric field and electric force at the interface are calculated. Simulation results show the droplet deformati...


Secure Computation using Leaky Correlations (Asymptotically Optimal Constructions)

Most secure computation protocols can be effortlessly adapted to offload a significant fraction of their computationally and cryptographically expensive components to an offline phase so that the parties can run a fast online phase and perform their intended computation securely. During this offline phase, parties generate private shares of a sample generated from a particular joint distribution, refer...


Secure Computation Based on Leaky Correlations: High Resilience Setting

Correlated private randomness, or correlation in short, is a fundamental cryptographic resource that helps parties compute securely over their private data. An offline preprocessing step, which is independent of the eventual secure computation, generates correlated secret shares for the parties and the parties use these shares during the final secure computation step. However, these secret shar...


A Rule Extractor for Diagnosing the Type 2 Diabetes Using a Self-organizing Genetic Algorithm

Introduction: Constructing medical decision support models to automatically extract knowledge from data helps physicians in early diagnosis of disease. Interpretability of the inferential rules of these models is a key indicator in determining their performance in order to understand how they make decisions, and increase the reliability of their output. Methods: In this study, an automated hyb...


On hardening leakage resilience of random extractors for instantiations of leakage-resilient cryptographic primitives

Random extractors are proven to be important building blocks in constructing leakage resilient cryptographic primitives. Nevertheless, recent efforts showed that they are likely more leaky than other elementary components (e.g. block ciphers) in unprotected implementations of these primitives, in the context of side-channel attacks. In this context, from the adversary’s point of view, the extra...


Publication date: 2010