cliptography clipping the power of kleptographic attacks
play

Cliptography: Clipping The Power Of Kleptographic Attacks Qiang - PowerPoint PPT Presentation

Sep 11, 2022 •313 likes •1.42k views

Cliptography: Clipping The Power Of Kleptographic Attacks Qiang Tang New Jersey Institute of Technology Joint work with Alexander Russell(UConn), Moti Yung(Snapchat & Columbia), and Hong-Sheng Zhou(VCU) Modern Crypto Modern Crypto

  1. Subvertible OWPs: i, y = f i ( x ) Gen Adversary can win this game…and…

  2. Subvertible OWPs SPEC Gen Gen Two index distributions are indistinguishable

  3. Subvertible OWPs SPEC Gen Gen Two index distributions are indistinguishable OK to ignore Eval as it is deterministic with a public input distribution

  4. Random Padding is Dangerous Index • SPEC: Outputs random i,k; here {g i } is a TDOWP . • IMPL: (i,d) from a TDOWP , and k=SEnc(z,d); here d is the trapdoor.

  5. Mitigating Subliminal Channel Key Generation must be randomized

  6. Conventional Wisdom

  7. Conventional Wisdom Nothing up my sleeve numbers

  8. Conventional Wisdom π = 3.1415926535897932384626432832795..…. some bits of it were • used as constants in some hash function (BLAKE), block cipher (Blowfish) and more Nothing up my sleeve numbers

  9. Conventional Wisdom π = 3.1415926535897932384626432832795..…. some bits of it were • used as constants in some hash function (BLAKE), block cipher (Blowfish) and more e = 2.7182818284590452353602874713527……some bits of it were • used as constants in an AES candidate block cipher (RC5) and more Nothing up my sleeve numbers

  10. Mitigating Subverted KG Nothing up my sleeve parameters/keys

  11. Mitigating Subverted KG Nothing up my sleeve parameters/keys Gen Hash

  12. Mitigating Subverted KG: Intuition z

  13. Mitigating Subverted KG: Intuition z Any backdoor can be used to invert a sparse subset of functions, otherwise SPEC is insecure

  14. Mitigating Subverted KG: Intuition H z z Any backdoor can be used to invert a sparse subset of functions, otherwise SPEC is insecure

  15. Mitigating Subverted KG: Intuition H z z Any backdoor can be used to invert a sparse “Dispersing” the index to subset of functions, otherwise SPEC is insecure a “safe” place

  16. Mitigating Subverted KG Gen Hash Theorem: {g i } is a family of subversion resistant OWPs.

  17. Mitigating Subverted KG Gen Hash Theorem: {g i } is a family of subversion resistant OWPs. Assuming the SPEC of h is RO, and index domain is “simple”

  18. Further Implications

  19. Further Implications • Similarly salvage Duel_EC PRNG: it was shown to be impossible to sanitize the output.

  20. Further Implications • Similarly salvage Duel_EC PRNG: it was shown to be impossible to sanitize the output. • Similarly salvage trapdoor OWP , then further save the KG of the full domain hash digital signature scheme

  21. Further Results

  22. Further Results • Reduction of FDH does not go through, modification needed

  23. Further Results • Reduction of FDH does not go through, modification needed • Reduction from clipto-secure OWP to PRG preserves

  24. Conventional FDH Proof Embed the TDOWP challenge to one RO query answer: Reduction A

  25. Conventional FDH Proof Embed the TDOWP challenge to one RO query answer: Reduction i, y = f i ( x ) A

  26. Conventional FDH Proof Embed the TDOWP challenge to one RO query answer: Reduction i, y = f i ( x ) A

  27. Conventional FDH Proof Embed the TDOWP challenge to one RO query answer: Reduction i, y = f i ( x ) A

  28. FDH in the Clipto Setting Reduction i, y = f i ( x ) A

  29. FDH in the Clipto Setting Reduction i, y = f i ( x ) A y now generated by Eval implementation

  30. FDH in the Clipto Setting Reduction i, y = f i ( x ) A y now generated RO queries can be by Eval made during implementation manufacturing

  31. FDH in the Clipto Setting No way to embed TDOWP challenge Reduction i, y = f i ( x ) A y now generated RO queries can be by Eval made during implementation manufacturing

  32. Revised FDH

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 3 D Clipping 3 D Clipping Represent edge param et rically as A + ( C A)t

1 3 D Clipping 3 D Clipping Represent edge param et rically as A + ( C A)t

3 D Clipping CS 4 7 3 1 : Com put e r Gr a phics Le ct u r e 1 4 : 3 D Clippin g a n d Vie w por t Tr a n sf or m a t ion Em m anuel Agu Clipping occur s a ft e r pr oj e ct ion t r a nsfor m a t ion Clipping is a ga inst ca nonica

1.05k views • 5 slides
= y < ymax y > ymin ymax interior X max X min ymin AND Ymin y Ymax

= y < ymax y > ymin ymax interior X max X min ymin AND Ymin y Ymax

Why do clipping? What is clipping, two views Clipping is a visibility Clipping spatially partitions geometric primitives, preprocess. In real-world according to their containment within some scene clipping can remove region. Clipping

428 views • 26 slides
1 Clipping Points Against a View Volume Remember the Plane Equation? Given a point A on the

1 Clipping Points Against a View Volume Remember the Plane Equation? Given a point A on the

Clipping The Story So Far for 3D Graphics o Clipping o We now understand: o how to model objects as a set of polygons and create o Sutherland-Hodgman Clipping a 3D world o Cohen-Sutherland Clipping o how to view the 3D world with a camera

79 views • 6 slides
Clipping http://www.ugrad.cs.ubc.ca/~cs314/Vjan2013 Reading for Clipping FCG Sec 8.1.3-8.1.6

Clipping http://www.ugrad.cs.ubc.ca/~cs314/Vjan2013 Reading for Clipping FCG Sec 8.1.3-8.1.6

University of British Columbia CPSC 314 Computer Graphics Jan-Apr 2013 Tamara Munzner Clipping http://www.ugrad.cs.ubc.ca/~cs314/Vjan2013 Reading for Clipping FCG Sec 8.1.3-8.1.6 Clipping FCG Sec 8.4 Culling (12.1-12.4 2nd ed) 2

850 views • 41 slides
Reading for Clipping CPSC 314 Computer Graphics FCG Sec 8.1.3-8.1.6 Clipping Jan-Apr 2013

Reading for Clipping CPSC 314 Computer Graphics FCG Sec 8.1.3-8.1.6 Clipping Jan-Apr 2013

University of British Columbia Reading for Clipping CPSC 314 Computer Graphics FCG Sec 8.1.3-8.1.6 Clipping Jan-Apr 2013 FCG Sec 8.4 Culling Tamara Munzner (12.1-12.4 2nd ed) Clipping http://www.ugrad.cs.ubc.ca/~cs314/Vjan2013 2

234 views • 11 slides
Visibility, Culling, Clipping (05) RNDr. Martin Madaras, PhD. martin.madaras@stuba.sk Overview

Visibility, Culling, Clipping (05) RNDr. Martin Madaras, PhD. martin.madaras@stuba.sk Overview

Principles of Computer Graphics and Image Processing Visibility, Culling, Clipping (05) RNDr. Martin Madaras, PhD. martin.madaras@stuba.sk Overview Clipping Point Clipping Line Clipping Polygon Clipping Hidden Surface Removal

812 views • 77 slides
CS-184: Computer Graphics Lecture #10: Clipping and Hidden Surfaces Prof. James OBrien

CS-184: Computer Graphics Lecture #10: Clipping and Hidden Surfaces Prof. James OBrien

1 CS-184: Computer Graphics Lecture #10: Clipping and Hidden Surfaces Prof. James OBrien University of California, Berkeley V2015-S-10-1.0 2 Today Clipping Clipping to view volume Clipping arbitrary polygons Hidden

648 views • 15 slides
Reading for Clipping Rendering Pipeline CPSC 314 Computer Graphics FCG Sec 8.1.3-8.1.6

Reading for Clipping Rendering Pipeline CPSC 314 Computer Graphics FCG Sec 8.1.3-8.1.6

University of British Columbia Reading for Clipping Rendering Pipeline CPSC 314 Computer Graphics FCG Sec 8.1.3-8.1.6 Clipping Jan-Apr 2013 FCG Sec 8.4 Culling Geometry Model/View Perspective Lighting Clipping Tamara Munzner

184 views • 3 slides
ChipWhisperer Lite Modeling Power Consumption Every device requires power to run (static Dynamic

ChipWhisperer Lite Modeling Power Consumption Every device requires power to run (static Dynamic

Open source tool for research on hardware attacks Side Channel Power Analysis Glitching Attacks Essentially an oscilloscope attached to a target chip ChipWhisperer Lite Modeling Power Consumption Every device requires power to run

175 views • 14 slides
Computer Graphics - Clipping - Philipp Slusallek Clipping Motivation Projected primitive

Computer Graphics - Clipping - Philipp Slusallek Clipping Motivation Projected primitive

Computer Graphics - Clipping - Philipp Slusallek Clipping Motivation Projected primitive might fall (partially) outside of display area E.g. if standing inside a building Eliminate non-visible geometry early in the pipeline to

318 views • 18 slides
HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume

HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume

HOST Differential Power Attacks ECE 525 Side-Channel Attacks Cryptographic algorithms assume that secret keys are utilized by implementations of the algorithm in a secure fashion, with access only allowed through the I/Os Unfortunately,

363 views • 12 slides
CLIPPING 101 https://www.horsejournals.com/horse-clipping-101 WHY CLIP? Fall is the

CLIPPING 101 https://www.horsejournals.com/horse-clipping-101 WHY CLIP? Fall is the

CLIPPING 101 https://www.horsejournals.com/horse-clipping-101 WHY CLIP? Fall is the time to decide if you will clip your horse-first clip in late Sept first week Oct, last one if needed end of Feb before summer coat starts to come in

353 views • 18 slides
Computer Graphics (CS 543) Lecture 9: Clipping, Viewport Transformation & Hidden Surface

Computer Graphics (CS 543) Lecture 9: Clipping, Viewport Transformation & Hidden Surface

Computer Graphics (CS 543) Lecture 9: Clipping, Viewport Transformation & Hidden Surface Removal Prof Emmanuel Agu Computer Science Dept. Worcester Polytechnic Institute (WPI) Polygon Clipping Not as simple as line segment clipping

562 views • 55 slides
CS 5 4 3 : Com puter Graphics Lecture 8 : 3 D Clipping and View port Transform ation Emmanuel Agu

CS 5 4 3 : Com puter Graphics Lecture 8 : 3 D Clipping and View port Transform ation Emmanuel Agu

CS 5 4 3 : Com puter Graphics Lecture 8 : 3 D Clipping and View port Transform ation Emmanuel Agu 3D Clipping Clipping occurs after projection transform ation Clipping is against canonical view volum e Param etric Equations I m

376 views • 35 slides
Clipping and Culling Sung-Eui Yoon ( ) ( ) C Course URL: URL

Clipping and Culling Sung-Eui Yoon ( ) ( ) C Course URL: URL

CS380: Computer Graphics p p Clipping and Culling Sung-Eui Yoon ( ) ( ) C Course URL: URL http://sglab.kaist.ac.kr/~sungeui/CG/ Class Objectives Class Objectives Understand clipping and culling Understand clipping

775 views • 28 slides
Einfhrung in Visual Computing Clipping Werner Purgathofer Institut fr Computergraphik und

Einfhrung in Visual Computing Clipping Werner Purgathofer Institut fr Computergraphik und

Einfhrung in Visual Computing Clipping Werner Purgathofer Institut fr Computergraphik und Algorithmen 6. Vorlesungseinheit Computergraphik Clipping in the Rendering Pipeline Clipping object capture/creation partly visible or

363 views • 9 slides
Assessing Accomplished Practice in Teaching : The Experience of the National Board for

Assessing Accomplished Practice in Teaching : The Experience of the National Board for

Assessing Accomplished Practice in Teaching : The Experience of the National Board for Professional Teaching Standards Improving Quality and Equity in Education: Inspiring a New Century of Excellence in Teaching and Assessment Lloyd Bond

659 views • 21 slides
Contributions to Generalizability Theory: Dick Jaegers Indirect but Strong Mentoring Effects

Contributions to Generalizability Theory: Dick Jaegers Indirect but Strong Mentoring Effects

Contributions to Generalizability Theory: Dick Jaegers Indirect but Strong Mentoring Effects Richard J. Shavelson Stanford University Richard M. Jaeger Memorial Symposium American Educational Research Association Meeting in Seattle,

476 views • 14 slides
Analyst Presentation 1H17 Results 28 August 2017 Agenda 1. Key Highlights 2. CIMB Group 1H17

Analyst Presentation 1H17 Results 28 August 2017 Agenda 1. Key Highlights 2. CIMB Group 1H17

CIMB Group Analyst Presentation 1H17 Results 28 August 2017 Agenda 1. Key Highlights 2. CIMB Group 1H17 Financials 3. PBT by Segment 3.1 Regional Consumer Banking 3.2 Regional Commercial Banking 3.3 Regional Wholesale Banking 3.4 Group

778 views • 67 slides
Implementation Planning 2015-2019 City Council Planning & Development Committee March 9,

Implementation Planning 2015-2019 City Council Planning & Development Committee March 9,

Implementation Planning 2015-2019 City Council Planning & Development Committee March 9, 2015 1 Plan Review Steering Committee Community & Economic Development Public Works Todd Cagnoni Scott Capovilla Matthew Vitner Wayne Dust

362 views • 13 slides
EAPRASne Snet European Academy of Paediatrics Research in Ambulatory Settings Network

EAPRASne Snet European Academy of Paediatrics Research in Ambulatory Settings Network

EAPRASne Snet European Academy of Paediatrics Research in Ambulatory Settings Network http://www.eapaediatrics.eu/eaprasnet Prof. Adamos Hadjipanayis Secretary General of EAP London, June 2018 EAP i is the Paed edia iatric ic sectio

336 views • 15 slides
2016 2016 Stars St St Stars of of Life f Lif Lif Life Celebration Celebration March 7

2016 2016 Stars St St Stars of of Life f Lif Lif Life Celebration Celebration March 7

3/16/2016 2016 2016 Stars St St Stars of of Life f Lif Lif Life Celebration Celebration March 7 2016 March 7, 2016 Embassy Suites Hotel Sacramento, CA Jason Achterberg Hall Ambulance Service, Inc. Bakersfield 1 3/16/2016

407 views • 25 slides
ABB Q4 and FY 2012 results Joe Hogan, CEO Eric Elzvik, CFO 14 February 2013 | Slide 1

ABB Q4 and FY 2012 results Joe Hogan, CEO Eric Elzvik, CFO 14 February 2013 | Slide 1

February 14, 2013 ABB Q4 and FY 2012 results Joe Hogan, CEO Eric Elzvik, CFO 14 February 2013 | Slide 1 Safe-harbor statement This presentation includes forward-looking information and statements including statements concerning the outlook

473 views • 35 slides
Investor presentation December 2013 1 Confidentiality and disclaimer IMPORTANT NOTICE The

Investor presentation December 2013 1 Confidentiality and disclaimer IMPORTANT NOTICE The

Investor presentation December 2013 1 Confidentiality and disclaimer IMPORTANT NOTICE The information contained in this presentation is strictly confidential and is provided by Jaguar Land Rover Automotive plc (the Company) to you solely

362 views • 23 slides

More recommend