Vulnerability bounds and leakage resilience of blinded cryptography under timing attacks

Proceedings - IEEE Computer Security Foundations Symposium

Volumn , Issue , 2010, Pages 44-56

  Köpf, Boris ^a   Smith, Geoffrey ^b  

^a MAX PLANCK INSTITUTE FOR SOFTWARE SYSTEMS   (Germany)

^b FLORIDA INTERNATIONAL UNIVERSITY   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CRYPTOGRAPHIC PRIMITIVES; CRYPTOSYSTEMS; LEAKAGE-RESILIENCE; MIN-ENTROPY; PUBLIC KEY CRYPTOSYSTEMS; SIDE CHANNEL ATTACK; STATE OF THE ART; TIMING ATTACKS;

NETWORK SECURITY; PUBLIC KEY CRYPTOGRAPHY; SECURITY SYSTEMS;

TIME MEASUREMENT;

EID: 77957606219     PISSN: 19401434     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CSF.2010.11     Document Type: Conference Paper

References (27)

1. Johan Agat. Transforming out Timing Leaks. In Proc. 27th ACM Symposium on Principles of Programming Languages (POPL 2000), pages 40-53. ACM, 2000.
2. Joël Alwen, Yevgeniy Dodis, and Daniel Wichs. Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model. In Proc. Advances in Cryptology (CRYPTO 2009), volume 5677, pages 36-54. Springer, Lecture Notes in Computer Science.
3. Michael Backes and Boris Köpf. Formally Bounding the Side-Channel Leakage in Unknown-Message Attacks. In Proc. 13th European Symposium on Research in Computer Security (ESORICS 2008), volume 5283 of Lecture Notes in Computer Science, pages 517-532. Springer, 2008.
4. Gilles Barthe, Tamara Rezk, and Martijn Warnier. Preventing Timing Leaks Through Transactional Branching Instructions. In Proc. 3rd Workshop on Quantitative Aspects of Programming Languages (QAPL 2006), Electronic Notes in Theoretical Computer Science (ENTCS), pages 33-55. Elsevier, 2005.
5. Christelle Braun, Konstantinos Chatzikokolakis, and Catuscia Palamidessi. Quantitative notions of leakage for one-try attacks. In Proc. of the 25th Conference on Mathematical Foundations of Programming Semantics (MFPS 2009), volume 249 of ENTCS, pages 75-91. Elsevier, 2009.
6. David Brumley and Dan Boneh. Remote timing attacks are practical. Computer Networks, 48(5):701-716, 2005.
7. Christian Cachin. Entropy Measures and Unconditional Security in Cryptography. Dissertation No. 12187. ETH Zürich, 1997.
8. Konstantinos Chatzikokolakis, Catuscia Palamidessi, and Prakash Panangaden. Anonymity protocols as noisy channels. Information and Computation, 206:378-401, 2008.
9. Thomas M. Cover and Joy A. Thomas. Elements of Information Theory, Second Edition. John Wiley & Sons, Inc., 2006.
10. Stefan Dziembowski and Krzysztof Pietrzak. Leakage- Resilient Cryptography. In Proc. 49th IEEE Symposium Symposium on Foundations of Computer Science (FOCS 2008), pages 293-302. IEEE Computer Society, 2008.
11. William Feller. An Introduction to Probability Theory and Its Applications, volume 1. John Wiley & Sons, Inc., Third edition, 1968.
12. Eiichiro Fujisaki, Tatsuaki Okamoto, David Pointcheval, and Jacques Stern. RSA-OAEP Is Secure under the RSA Assumption. Journal of Cryptology, 17(2):81-104, 2004.
13. Daniel Hedin and David Sands. Timing Aware Information Flow Security for a JavaCard-like Bytecode. Electronic Notes in Theoretical Computer Science (ENTCS), 141(1):163-182, 2005.
14. John Kelsey, Bruce Schneier, David Wagner, and Chris Hall. Side Channel Cryptanalysis of Product Ciphers. Journal of Computer Security (JCS), 8(2-3):141-158, 2000.
15. Paul Kocher. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In Proc. Advances in Cryptology (CRYPTO 1996), volume 1109 of Lecture Notes in Computer Science, pages 104-113. Springer, 1996.
16. Boris Köpf and David Basin. An Information-Theoretic Model for Adaptive Side-Channel Attacks. In Proc. 14th ACM Conference on Computer and Communication Security (CCS 2007), pages 286-296. ACM, 2007.
17. Boris Köpf and Markus Dürmuth. A Provably Secure And Efficient Countermeasure Against Timing Attacks. In Proc. 22nd IEEE Computer Security Foundations Symposium (CSF 2009), pages 324-335. IEEE Computer Society, 2009.
18. Pasquale Malacaria. Assessing security threats of looping constructs. In Proc. 34th ACM Symposium on Principles of Programming Languages (POPL 2007), pages 225-235, Nice, France, January 2007.
19. James L. Massey. Guessing and Entropy. In Proc. 1994 IEEE Symposium on Information Theory (ISIT 1994), page 204. IEEE Computer Society, 1994.
20. Silvio Micali and Leonid Reyzin. Physically Observable Cryptography (Extended Abstract). In Proc. First Theory of Cryptography Conference (TCC 2004), volume 2951 of Lecture Notes in Computer Science, pages 278-296. Springer, 2004.
21. Moni Naor and Gil Segev. Public-Key Cryptosystems Resilient to Key Leakage. In Proc. Advances in Cryptology (CRYPTO 2009), volume 5677 of Lecture Notes in Computer Science, pages 18-35. Springer, 2009.
22. Alessandra Di Pierro, Chris Hankin, and Herbert Wiklicky. Quantifying timing leaks and cost optimisation. In Proc. 10th International Conference on Information and Communications Security (ICICS 2008), volume 5308 of Lecture Notes in Computer Science, pages 81-96. Springer, 2008.
23. Charles Rackoff and Daniel R. Simon. Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack. In Proc. Advances in Cryptology (CRYPTO 1991), volume 576 of Lecture Notes in Computer Science, pages 433-444. Springer, 1992.
24. Alfréd Rényi. On measures of entropy and information. In Proceedings of the 4th Berkeley Symposium on Mathematics, Statistics and Probability 1960, pages 547-561, 1961.
25. Geoffrey Smith. On the Foundations of Quantitative Information Flow. In Proc. 13th International Conference on Foundations of Software Science and Computation Structures (FoSSaCS 2009), volume 5504 of Lecture Notes in Computer Science, pages 288-302. Springer, 2009.
26. Francois-Xavier Standaert, Tal Malkin, and Moti Yung. A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks. In Proc. 28th International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2009), volume 5479 of Lecture Notes in Computer Science, pages 443-461. Springer, 2009.
27. Mathukumalli Vidjasagar. Learning and Generalization. Springer, second edition, 2002.