Cryptography on Non-Trusted Machines



Abstract


This project is about the design of cryptographic schemes that remain secure even when implemented on insecure devices. The motivation comes from the observation that most real-life attacks on cryptographic devices do not break their mathematical foundations, but exploit vulnerabilities in their implementations. This concerns both cryptographic software executed on PCs (which can be attacked by viruses) and implementations in hardware (which can be subject to side-channel attacks). Traditionally, fixing this problem was left to practitioners, since it was commonly believed that theory could not be of any help here. However, new and exciting results in cryptography suggest that this view was too pessimistic: there exist methods for designing cryptographic protocols in such a way that they are secure even if the hardware on which they are executed cannot be fully trusted.

The goal of this project is to investigate these methods further, unify them into a solid mathematical theory (many of them were developed independently), and propose new ideas in this area. The project will be mostly theoretical, although some practical experiments may be performed. Our main interest lies in the theory of private circuits, the bounded-retrieval model, physically observable cryptography, and human-assisted cryptography. We view these theories only as starting points, since the area is very fresh and we expect to soon witness completely new ideas in this field.

Slides [ppt, pdf]


Relevant publications by the principal investigator


  • Stefan Dziembowski and Krzysztof Pietrzak.
    Leakage-Resilient Cryptography in the Standard Model.
    Accepted to the 49th Annual IEEE Symposium on Foundations of Computer Science (FOCS), 2008.
    A preliminary version is available here.

  • Stefan Dziembowski and Krzysztof Pietrzak.
    Intrusion-Resilient Secret Sharing.
    In 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS), 2007.

  • Stefan Dziembowski.
    On Forward-Secure Storage.
    In Advances in Cryptology - CRYPTO '06, Lecture Notes in Computer Science, Springer-Verlag, August 2006.

  • Stefan Dziembowski.
    Intrusion-Resilience via the Bounded-Storage Model.
    In Theory of Cryptography Conference (TCC) 2006, Lecture Notes in Computer Science, Springer-Verlag, March 2006.

Some other relevant publications


  • R. Canetti, S. Halevi, and M. Steiner.
    Mitigating Dictionary Attacks on Password-Protected Local Storage.
    In Advances in Cryptology - CRYPTO 2006, volume 4117 of LNCS, pages 160–179. Springer, 2006.

  • D. Cash, Y. Z. Ding, Y. Dodis, W. Lee, R. J. Lipton, and S. Walfish.
    Intrusion-Resilient Key Exchange in the Bounded Retrieval Model.
    In 4th Theory of Cryptography Conference, TCC 2007, LNCS, pages 479–498. Springer, 2007.

  • D. Chaum.
    Secret-Ballot Receipts: True Voter-Verifiable Elections.
    IEEE Security and Privacy, 02(1):38–47, 2004.

  • G. Di Crescenzo, R. J. Lipton, and S. Walfish.
    Perfectly Secure Password Protocols in the Bounded Retrieval Model.
    In Third Theory of Cryptography Conference, TCC 2006, volume 3876 of LNCS, pages 225–244. Springer, 2006.

  • D. Dagon, W. Lee, and R. J. Lipton.
    Protecting Secret Data from Insider Attacks.
    In Financial Cryptography and Data Security, volume 3570 of LNCS, pages 16–30. Springer, 2005.

  • A. W. Dent and J. Malone-Lee.
    The Physically Observable Security of Signature Schemes.
    In Cryptography and Coding, LNCS, pages 220–232. Springer, 2005.

  • R. Gennaro, A. Lysyanskaya, T. Malkin, S. Micali, and T. Rabin.
    Algorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering.
    In First Theory of Cryptography Conference, TCC 2004, volume 2951 of LNCS, pages 258–277. Springer, 2004.

  • D. Harnik and M. Naor.
    On the Compressibility of NP Instances and Cryptographic Applications.
    In 47th IEEE Symposium on Foundations of Computer Science (FOCS '06), pages 719–728. IEEE, 2006.

  • Y. Ishai, M. Prabhakaran, A. Sahai, and D. Wagner.
    Private Circuits II: Keeping Secrets in Tamperable Circuits.
    In Advances in Cryptology - EUROCRYPT 2006, volume 4004 of LNCS, pages 308–327. Springer, 2006.

  • Y. Ishai, A. Sahai, and D. Wagner.
    Private Circuits: Securing Hardware against Probing Attacks.
    In Advances in Cryptology - CRYPTO 2003, volume 2729 of LNCS, pages 463–481. Springer, 2003.

  • S. Micali and L. Reyzin.
    Physically Observable Cryptography (Extended Abstract).
    In First Theory of Cryptography Conference, TCC 2004, volume 2951 of LNCS, pages 278–296. Springer, 2004.

  • F.-X. Standaert, T. G. Malkin, and M. Yung.
    A Formal Practice-Oriented Model for the Analysis of Side-Channel Attacks.
    Cryptology ePrint Archive, Report 2006/139, 2006. http://eprint.iacr.org/.



Funded by the European Research Council through the EU 7th Research Framework Programme.