Fallen Sanctuary: A Higher-Order and Leakage-Resilient Rekeying Scheme
| Published in: | IACR Transactions on Cryptographic Hardware and Embedded Systems, Volume 2024, Issue 1, pp. 264-308 |
|---|---|
| Format: | Journal Article |
| Language: | English |
| Published: | Ruhr-Universität Bochum, 04.12.2023 |
| ISSN: | 2569-2925 |
| Abstract | This paper presents a provably secure, higher-order, and leakage-resilient (LR) rekeying scheme named LR Rekeying with Random oracle Repetition (LR4), along with a quantitative security evaluation methodology. Many existing LR primitives are based on a concept of leveled implementation, which still essentially require a leak-free sanctuary (i.e., differential power analysis (DPA)-resistant component(s)) for some parts. In addition, although several LR pseudorandom functions (PRFs) based on only bounded DPA-resistant components have been developed, their validity and effectiveness for rekeying usage still need to be determined. In contrast, LR4 is formally proven under a leakage model that captures the practical goal of side-channel attack (SCA) protection (e.g., masking with a practical order) and assumes no unbounded DPA-resistant sanctuary. This proof suggests that LR4 resists exponential invocations (up to the birthday bound of key size) without using any unbounded leak-free component, which is the first of its kind. Moreover, we present a quantitative SCA success rate evaluation methodology for LR4 that combines the bounded leakage models for LR cryptography and a state-of-the-art information-theoretical SCA evaluation method. We validate its soundness and effectiveness as a DPA countermeasure through a numerical evaluation; that is, the number of secure calls of a symmetric primitive increases exponentially by increasing a security parameter under practical conditions. |
|---|---|
| Author | Ueno, Rei; Homma, Naofumi; Inoue, Akiko; Minematsu, Kazuhiko |
| DOI | 10.46586/tches.v2024.i1.264-308 |
| License | https://creativecommons.org/licenses/by/4.0 |
| OpenAccessLink | https://doaj.org/article/9fb3627577df468fae0b304a2ee81984 |
| SubjectTerms | Fresh rekeying; Leakage resilience; Side-channel attack |