TY - GEN
T1 - A block cipher based pseudo random number generator secure against side-channel key recovery
AU - Petit, Christophe
AU - Standaert, François Xavier
AU - Pereira, Olivier
AU - Malkin, Tal G.
AU - Yung, Moti
PY - 2008
Y1 - 2008
N2 - We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the black box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model. Then, we demonstrate its security against a Bayesian side-channel key recovery adversary. As a main result, we show that our construction guarantees that the success rate of the adversary does not increase with the number of physical observations, but in a limited and controlled way. Besides, we observe that, under common assumptions on side-channel attack strategies, increasing the security parameter (typically the block cipher key size) by a polynomial factor involves an increase of a side-channel attack complexity by an exponential factor, making the probability of a successful attack negligible. We believe this work provides a first interesting example of the way the algorithmic design of a cryptographic scheme influences its side-channel resistance.
AB - We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the black box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model. Then, we demonstrate its security against a Bayesian side-channel key recovery adversary. As a main result, we show that our construction guarantees that the success rate of the adversary does not increase with the number of physical observations, but in a limited and controlled way. Besides, we observe that, under common assumptions on side-channel attack strategies, increasing the security parameter (typically the block cipher key size) by a polynomial factor involves an increase of a side-channel attack complexity by an exponential factor, making the probability of a successful attack negligible. We believe this work provides a first interesting example of the way the algorithmic design of a cryptographic scheme influences its side-channel resistance.
UR - http://www.scopus.com/inward/record.url?scp=77952354675&partnerID=8YFLogxK
U2 - 10.1145/1368310.1368322
DO - 10.1145/1368310.1368322
M3 - Conference contribution
AN - SCOPUS:77952354675
SN - 9781595939791
T3 - Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08
SP - 56
EP - 65
BT - Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08
T2 - 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08
Y2 - 18 March 2008 through 20 March 2008
ER -