algebraic security analysis of key generation
play

Algebraic Security Analysis of Key Generation with Physical - PowerPoint PPT Presentation

Oct 21, 2023 •756 likes •963 views

Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1 , Michael Pehl 1 , Gerhard Kramer 2 and Georg Sigl 1,3 1 Chair of Security in Information Technology 2 Chair of Communications Engineering 2

  1. Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1 , Michael Pehl 1 , Gerhard Kramer 2 and Georg Sigl 1,3 1 Chair of Security in Information Technology 2 Chair of Communications Engineering 2 Technical University of Munich 3 Fraunhofer AISEC PROOFS 20.08.2016 Santa Barbara

  2. Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1 , Michael Pehl 1 , Gerhard Kramer 2 and Georg Sigl 1,3 1 Chair of Security in Information Technology 2 Chair of Communications Engineering 2 Technical University of Munich 3 Fraunhofer AISEC PROOFS 20.08.2016 Santa Barbara

  3. Introduction PUFs 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 3

  4. Example: SRAM PUF Guajardo et al. (CHES 2007) 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 4

  5. Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1 , Michael Pehl 1 , Gerhard Kramer 2 and Georg Sigl 1,3 1 Chair of Security in Information Technology 2 Chair of Communications Engineering 2 Technical University of Munich 3 Fraunhofer AISEC PROOFS 20.08.2016 Santa Barbara

  6. Secret Key Generation Syndrome Coding 2-part approach Secret PUF Response & Public Helper Data 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 6

  7. Secret Key Generation (2) Need for Error Correction 520 Bit - Secret + Redundancy Reproduction with 15% Bit Error Probability 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 7

  8. Motivation Initial Problem: Find a simple and generic representation of PUF key generation Main Contribution: New representation shows if helper data can leak key information (upper bound, qualitative result) For quantitative results see e.g. Delvaux et al. , CHES 2016 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 8

  9. Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1 , Michael Pehl 1 , Gerhard Kramer 2 and Georg Sigl 1,3 1 Chair of Security in Information Technology 2 Chair of Communications Engineering 2 Technical University of Munich 3 Fraunhofer AISEC PROOFS 20.08.2016 Santa Barbara

  10. Algebraic Core 𝐁 𝑀 𝐁 𝑆 Random Number R y y Algebraic Core A PUF Response X Helper Data W Secret S 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 10

  11. Algebraic Core 𝐁 𝑀 𝐁 𝑆 R X S W 𝑇 𝑋 = 𝑆 𝑌 𝐁 See paper for the algebraic cores of several key generation schemes 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 11

  12. Algebraic Security Analysis of Key Generation with Physical Unclonable Functions Matthias Hiller 1 , Michael Pehl 1 , Gerhard Kramer 2 and Georg Sigl 1,3 1 Chair of Security in Information Technology 2 Chair of Communications Engineering 2 Technical University of Munich 3 Fraunhofer AISEC PROOFS 20.08.2016 Santa Barbara

  13. Generic Security Criterion 𝐁 𝑀 𝐁 𝑆 R X S W 𝑇 = 𝑆 𝑌 𝐁 𝑀 𝑋 = 𝑆 𝑌 𝐁 𝑆 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 13

  14. Generic Security Criterion 𝐁 𝑀 𝐁 𝑆 We define the rank loss Δ as R Δ = 𝑠𝑏𝑜𝑙(𝐁 𝑀 ) + 𝑠𝑏𝑜𝑙(𝐁 𝑆 ) − 𝑠𝑏𝑜𝑙(𝐁) X Result without proof: S W No leakage between S and W if Δ = 0 S and W can only be linearly independent iff 𝑠𝑏𝑜𝑙(𝐁) = 𝑠𝑏𝑜𝑙(𝐁 𝑀 ) + 𝑠𝑏𝑜𝑙(𝐁 𝑆 ) 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 14

  15. Analysis of the State of the Art Example: Code-Offset Fuzzy Extractor (Dodis et al ., Eurocrypt 2004) ( n,k,d ) code with generator Matrix G 𝑇 = 𝑌 𝐁 𝑀 𝐁 𝑆 W = R G + X R 𝟏 𝐇 X 𝐉 𝐉 𝐁 = 𝟏 𝐇 𝐉 𝐉 S W 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 15

  16. Analysis of the State of the Art Example: Code-Offset Fuzzy Extractor (Dodis et al ., Eurocrypt 2004) ( n,k,d ) code with generator Matrix G 𝑠𝑏𝑜𝑙(𝐁 𝑀 ) = 𝑜 𝐁 𝑀 𝐁 𝑆 𝑠𝑏𝑜𝑙(𝐁 𝑆 ) = 𝑜 𝟏 𝐇 k 𝑠𝑏𝑜𝑙 𝐁 = 𝑜 + 𝑙 𝐉 𝐉 n Δ = 𝑠𝑏𝑜𝑙(𝐁 𝑀 ) + 𝑠𝑏𝑜𝑙(𝐁 𝑆 ) − 𝑠𝑏𝑜𝑙 𝐁 = 2𝑜 − 𝑜 + 𝑙 n n = 𝑜 − 𝑙 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 16

  17. Analysis of the State of the Art Example: Code-Offset Fuzzy Extractor Result consistent with previous work but easier to obtain (e.g. Delvaux et al. , CHES 2016) 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 17

  18. Analysis of the State of the Art Δ Approach Fuzzy Commitment (CCS 1999) 0 Code Offset Fuzzy Extractor (Eurocrypt 2004) n-k Syndrome Construction (Eurocrypt 2004) n-k Parity Construction (S&P 1998) 2k-n Systematic Low Leakage Coding (ASIACCS 2015) 0 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 18

  19. Take Home Message • Algebraic representation of key generation for PUFs • Rank loss enables first security check • Some state-of-the-art approaches enable zero leakage Long-term vision • Develop and characterize more complex approaches 20.08.2016 Algebraic Security Analysis of Key Generation with PUFs 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Algebraic Analysis of AES Carlos Cid Information Security Group, Royal Holloway, University of

Algebraic Analysis of AES Carlos Cid Information Security Group, Royal Holloway, University of

Algebraic Analysis of AES Carlos Cid Information Security Group, Royal Holloway, University of London ECRYPT II AES Day 18 Oct 2012 Algebraic Analysis of AES Carlos Cid Algebraic Analysis of AES AES is an algorithm with a simple and very

558 views • 23 slides
An Algebraic Approach to the Analysis of Constrained Workflow Systems Workshop on Foundations of

An Algebraic Approach to the Analysis of Constrained Workflow Systems Workshop on Foundations of

An Algebraic Approach to the Analysis of Constrained Workflow Systems Workshop on Foundations of Computer Security, 12 July 2004 Jason Crampton Information Security Group, Royal Holloway, University of London What is a workflow system? A

638 views • 25 slides
Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien

Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien

Context Generation from Formal Specifications for C Analysis Tools Michele Alberti 1 Julien Signoles 2 1 TrustInSoft 2 CEA LIST, Software Reliability and Security Laboratory LOPSTR 2017, Namur, Belgium 1 Code Analysis Tools Effective enough

575 views • 35 slides
Morphological Analysis Morphological Analysis and Generation for Pali and Generation for Pali

Morphological Analysis Morphological Analysis and Generation for Pali and Generation for Pali

Morphological Analysis Morphological Analysis and Generation for Pali and Generation for Pali David Alfter Jrgen Knauth 18 September 2015 @daalft @daalft Pali Pali Pali Pali (Dead) Indo-aryan language Fusional language Rich

1.65k views • 108 slides
Security analysis of smart contracts in Datalog https://securify.ch Dr. Petar Tsankov Senior

Security analysis of smart contracts in Datalog https://securify.ch Dr. Petar Tsankov Senior

Security analysis of smart contracts in Datalog https://securify.ch Dr. Petar Tsankov Senior researcher, SRI lab, ETH Zurich Co-founder and Chief Scientist, ChainSecurity Inter-disciplinary research at Next-generation blockchain security ETH

1.22k views • 32 slides
Reachability Analysis for High-Index Linear Differential Algebraic Equations (DAEs)

Reachability Analysis for High-Index Linear Differential Algebraic Equations (DAEs)

Institute for Software Integrated Systems Vanderbilt University Reachability Analysis for High-Index Linear Differential Algebraic Equations (DAEs) https://github.com/verivital/daev/ 17 th International Conference on Formal Modeling and Analysis

502 views • 33 slides
Next generation genomic analysis for next generation healthcare GENOMIC SEQUENCING | RAPIDLY

Next generation genomic analysis for next generation healthcare GENOMIC SEQUENCING | RAPIDLY

Next generation genomic analysis for next generation healthcare GENOMIC SEQUENCING | RAPIDLY FALLING PRICES 2003 2018 In 1990, Congress established funding for the Human Genome Project. The project ended up costing about $2.7 billion in FY

389 views • 27 slides
Algebraic Aspects of Symmetric-key Cryptography Carlos Cid (carlos.cid@rhul.ac.uk) Information

Algebraic Aspects of Symmetric-key Cryptography Carlos Cid (carlos.cid@rhul.ac.uk) Information

Algebraic Aspects of Symmetric-key Cryptography Carlos Cid (carlos.cid@rhul.ac.uk) Information Security Group Royal Holloway, University of London 04.May.2007 ECRYPT Summer School 1 Algebraic Techniques in Cryptanalysis Algebra is the

659 views • 61 slides
Algebraic Properties of ln( x ) We can derive algebraic properties of our new function f ( x ) =

Algebraic Properties of ln( x ) We can derive algebraic properties of our new function f ( x ) =

Algebraic Properties of ln( x ) We can derive algebraic properties of our new function f ( x ) = ln( x ) by comparing derivatives. We can in turn use these algebraic rules to simplify the natural logarithm of products and quotients. If a and b are

182 views • 5 slides
Next Generation Security Adaptive | Intelligent | Resilient Scott Montgomery VP, Chief Technical

Next Generation Security Adaptive | Intelligent | Resilient Scott Montgomery VP, Chief Technical

NIST Cyber Security Framework & Healthcare IT Security Clarksville, MD | 22 April 2016 | Annual Spring Conference Next Generation Security Adaptive | Intelligent | Resilient Scott Montgomery VP, Chief Technical Strategist

523 views • 24 slides
Principal Component Analysis in a Linear Algebraic View by Anna Orosz under the mentorship of

Principal Component Analysis in a Linear Algebraic View by Anna Orosz under the mentorship of

Principal Component Analysis in a Linear Algebraic View by Anna Orosz under the mentorship of Jakob Hansen Directed Reading Program at the University of Pennsylvania April 30th, 2020 Principal Component Analysis as a Transformation invented

455 views • 9 slides
An Algebraic Framework for Pseudorandom Functions and Applications to Related-Key Security Michel

An Algebraic Framework for Pseudorandom Functions and Applications to Related-Key Security Michel

An Algebraic Framework for Pseudorandom Functions and Applications to Related-Key Security Michel Abdalla, Fabrice Benhamouda, Alain Passelgue Pseudorandom functions [GGM86] - efficiently computable function : -

1.01k views • 56 slides
Cyclic pregroups and natural language: a computational algebraic analysis C. Casadio and M.

Cyclic pregroups and natural language: a computational algebraic analysis C. Casadio and M.

Cyclic pregroups and natural language: a computational algebraic analysis C. Casadio and M. Sadrzadeh Dip. Studi Classici, Univ. Gabriele DAnnunzio, Chieti, Italy Dept. of Computer Science, Oxford University, UK CILC - 26-esimo

647 views • 33 slides
Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief

Analysis of Security Protocols 01 Analysis of Security Protocols Gavin Lowe Analysis of Security Protocols 02 Overview Brief introduction to security protocols; Model checking of security protocols, particularly using the process

1.28k views • 110 slides
Higher-Order Fourier Analysis: Applications to Algebraic Property Testing Yuichi Yoshida

Higher-Order Fourier Analysis: Applications to Algebraic Property Testing Yuichi Yoshida

Higher-Order Fourier Analysis: Applications to Algebraic Property Testing Yuichi Yoshida National Institute of Informatics, and Preferred Infrastructure, Inc October 18, 2014 Yuichi Yoshida (NII and PFI) Applications to algebraic property

600 views • 59 slides
Challenges in Analysis of Algebraic Iterative Solvers Jrg Liesen Technical University of

Challenges in Analysis of Algebraic Iterative Solvers Jrg Liesen Technical University of

Challenges in Analysis of Algebraic Iterative Solvers Jrg Liesen Technical University of Berlin and Zden ek Strako Charles University in Prague and Czech Academy of Sciences http://www.karlin.mff.cuni.cz/strakos Workshop in honor of

571 views • 32 slides
Weakly Private Information Retrieval Under the Maximal Leakage Metric Ruida Zhou, Tao Guo, Chao

Weakly Private Information Retrieval Under the Maximal Leakage Metric Ruida Zhou, Tao Guo, Chao

Weakly Private Information Retrieval Under the Maximal Leakage Metric Ruida Zhou, Tao Guo, Chao Tian Texas A&M University ISIT 2020 R. Zhou, T. Guo, C. Tian Weakly PIR Under the Maximal Leakage Metric 1 / 20 Private Information Retrieval

653 views • 31 slides
The Objects of this course Don't forget the Python vs . Java comparison document in the

The Objects of this course Don't forget the Python vs . Java comparison document in the

The Objects of this course Don't forget the Python vs . Java comparison document in the Resources folder on the Web. You really should consider having a study partner or putting together a study group for this course. There is no

475 views • 6 slides
Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object

Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object

4/13/2017 OOP Object Oriented Object 3 Programming Object 1 Object 2 Object 4 For : COP 3330. Object oriented Programming (Using C++) ht t p: / / www. com pgeom . com / ~pi yush/ t each/ 3330 Objects: State (fields), Behavior (member

632 views • 6 slides
Chapter 6 Problem Solving and Algorithm Design Hofstra University Overview of 9/19/06

Chapter 6 Problem Solving and Algorithm Design Hofstra University Overview of 9/19/06

Chapter 6 Problem Solving and Algorithm Design Hofstra University Overview of 9/19/06 Computer Science, CSC005 1 Layers of a Computing System Communication Application Operating System Programming Hardware Information Hofstra

545 views • 37 slides
Dawn Song dawnsong@cs.berkeley.edu 1 The Problem How to ensure the execution of a given

Dawn Song dawnsong@cs.berkeley.edu 1 The Problem How to ensure the execution of a given

Analysis and Defense against Privacy- Breaching Code Dawn Song dawnsong@cs.berkeley.edu 1 The Problem How to ensure the execution of a given program will not leak private information? Why should we care? Users download/execute

300 views • 8 slides
Lea eakag age-Res Resilie ilient nt Crypt ptogra graphy phy -- -- for r symmetric

Lea eakag age-Res Resilie ilient nt Crypt ptogra graphy phy -- -- for r symmetric

Sebastian Faust Aarhus University, Denmark Lea eakag age-Res Resilie ilient nt Crypt ptogra graphy phy -- -- for r symmetric mmetric pr prim imit itives ives 1 How to construct cryptodevices? cryptographic device very secure

857 views • 58 slides
Information flow safety in multiparty sessions Sara Capecchi, Ilaria Castellani and Mariangiola

Information flow safety in multiparty sessions Sara Capecchi, Ilaria Castellani and Mariangiola

Information flow safety in multiparty sessions Sara Capecchi, Ilaria Castellani and Mariangiola Dezani-Ciancaglini (TORINO University and INRIA Sophia Antipolis Mditerrane) Behavioural Types Workshop Lisbon, 19-21 April 2011 T

432 views • 30 slides
Download PDF of Slides here! Ask questions here! Available for

Download PDF of Slides here! Ask questions here! Available for

Available for Public Use Download PDF of Slides here! Ask questions here! Available for Public Use Available for Public Use Available for Public Use Available for Public Use Term/Acronym Definition FCC Federal

803 views • 68 slides

More recommend