A block cipher based pseudo random number generator secure against side-channel key recovery

Christophe Petit; François Xavier Standaert; Olivier Pereira; Tal G. Malkin; Moti Yung

doi:10.1145/1368310.1368322

A block cipher based pseudo random number generator secure against side-channel key recovery

Christophe Petit^*, François Xavier Standaert, Olivier Pereira, Tal G. Malkin, Moti Yung

^*Corresponding author for this work

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the black box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model. Then, we demonstrate its security against a Bayesian side-channel key recovery adversary. As a main result, we show that our construction guarantees that the success rate of the adversary does not increase with the number of physical observations, but in a limited and controlled way. Besides, we observe that, under common assumptions on side-channel attack strategies, increasing the security parameter (typically the block cipher key size) by a polynomial factor involves an increase of a side-channel attack complexity by an exponential factor, making the probability of a successful attack negligible. We believe this work provides a first interesting example of the way the algorithmic design of a cryptographic scheme influences its side-channel resistance.

Original language	English
Title of host publication	Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08
Pages	56-65
Number of pages	10
DOIs	https://doi.org/10.1145/1368310.1368322
Publication status	Published - 2008
Event	2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08 - Tokyo, Japan Duration: 18 Mar 2008 → 20 Mar 2008

Publication series

Name	Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08

Conference

Conference	2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08
Country/Territory	Japan
City	Tokyo
Period	18/03/08 → 20/03/08

ASJC Scopus subject areas

Computational Theory and Mathematics
Computer Networks and Communications
Computer Science Applications

Access to Document

10.1145/1368310.1368322

Cite this

Petit, C., Standaert, F. X., Pereira, O., Malkin, T. G., & Yung, M. (2008). A block cipher based pseudo random number generator secure against side-channel key recovery. In Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08 (pp. 56-65). (Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08). https://doi.org/10.1145/1368310.1368322

Petit, Christophe ; Standaert, François Xavier ; Pereira, Olivier et al. / A block cipher based pseudo random number generator secure against side-channel key recovery. Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08. 2008. pp. 56-65 (Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08).

@inproceedings{fa548b0a6b4a44a596d1a2bbef9349dd,

title = "A block cipher based pseudo random number generator secure against side-channel key recovery",

abstract = "We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the black box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model. Then, we demonstrate its security against a Bayesian side-channel key recovery adversary. As a main result, we show that our construction guarantees that the success rate of the adversary does not increase with the number of physical observations, but in a limited and controlled way. Besides, we observe that, under common assumptions on side-channel attack strategies, increasing the security parameter (typically the block cipher key size) by a polynomial factor involves an increase of a side-channel attack complexity by an exponential factor, making the probability of a successful attack negligible. We believe this work provides a first interesting example of the way the algorithmic design of a cryptographic scheme influences its side-channel resistance.",

author = "Christophe Petit and Standaert, {Fran{\c c}ois Xavier} and Olivier Pereira and Malkin, {Tal G.} and Moti Yung",

year = "2008",

doi = "10.1145/1368310.1368322",

language = "English",

isbn = "9781595939791",

series = "Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08",

pages = "56--65",

booktitle = "Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08",

note = "2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08 ; Conference date: 18-03-2008 Through 20-03-2008",

}

Petit, C, Standaert, FX, Pereira, O, Malkin, TG & Yung, M 2008, A block cipher based pseudo random number generator secure against side-channel key recovery. in Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08. Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08, pp. 56-65, 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08, Tokyo, Japan, 18/03/08. https://doi.org/10.1145/1368310.1368322

A block cipher based pseudo random number generator secure against side-channel key recovery. / Petit, Christophe; Standaert, François Xavier; Pereira, Olivier et al.
Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08. 2008. p. 56-65 (Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - A block cipher based pseudo random number generator secure against side-channel key recovery

AU - Petit, Christophe

AU - Standaert, François Xavier

AU - Pereira, Olivier

AU - Malkin, Tal G.

AU - Yung, Moti

PY - 2008

Y1 - 2008

N2 - We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the black box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model. Then, we demonstrate its security against a Bayesian side-channel key recovery adversary. As a main result, we show that our construction guarantees that the success rate of the adversary does not increase with the number of physical observations, but in a limited and controlled way. Besides, we observe that, under common assumptions on side-channel attack strategies, increasing the security parameter (typically the block cipher key size) by a polynomial factor involves an increase of a side-channel attack complexity by an exponential factor, making the probability of a successful attack negligible. We believe this work provides a first interesting example of the way the algorithmic design of a cryptographic scheme influences its side-channel resistance.

AB - We study the security of a block cipher-based pseudorandom number generator (PRNG), both in the black box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model. Then, we demonstrate its security against a Bayesian side-channel key recovery adversary. As a main result, we show that our construction guarantees that the success rate of the adversary does not increase with the number of physical observations, but in a limited and controlled way. Besides, we observe that, under common assumptions on side-channel attack strategies, increasing the security parameter (typically the block cipher key size) by a polynomial factor involves an increase of a side-channel attack complexity by an exponential factor, making the probability of a successful attack negligible. We believe this work provides a first interesting example of the way the algorithmic design of a cryptographic scheme influences its side-channel resistance.

UR - http://www.scopus.com/inward/record.url?scp=77952354675&partnerID=8YFLogxK

U2 - 10.1145/1368310.1368322

DO - 10.1145/1368310.1368322

M3 - Conference contribution

AN - SCOPUS:77952354675

SN - 9781595939791

T3 - Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08

SP - 56

EP - 65

BT - Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08

T2 - 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08

Y2 - 18 March 2008 through 20 March 2008

ER -

Petit C, Standaert FX, Pereira O, Malkin TG, Yung M. A block cipher based pseudo random number generator secure against side-channel key recovery. In Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08. 2008. p. 56-65. (Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08). doi: 10.1145/1368310.1368322

A block cipher based pseudo random number generator secure against side-channel key recovery

Abstract

Publication series

Conference

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this