Paper 2007/356

A Block Cipher based PRNG Secure Against Side-Channel Key Recovery

Christophe Petit, Francois-Xavier Standaert, Olivier Pereira, Tal G. Malkin, and Moti Yung

Abstract

We study the security of a block cipher-based pseudorandom number generator, both in the black-box world and in the physical world, separately. We first show that the construction is a secure PRNG in the ideal cipher model. Then, we demonstrate its security against a Bayesian side-channel key recovery adversary. As a main result, we show that our construction guarantees that the success rate of the adversary increases with the number of physical observations only in a limited and controlled way. Moreover, we observe that, under common assumptions on side-channel attack strategies, increasing the security parameter (typically the block cipher key size) by a polynomial factor increases the side-channel attack complexity by an exponential factor, making the probability of a successful attack negligible. We believe this work provides a first interesting example of the way the algorithmic design of a cryptographic scheme influences its side-channel resistance.

Note: More details are available on: http://www.dice.ucl.ac.be/~fstandae/tsca/

Metadata
Available format(s)
PDF PS
Category
Implementation
Publication info
Published elsewhere. To appear in the proceedings of ASIACCS 2008.
Keywords
physically observable cryptography, side-channel attacks, provable security, block ciphers
Contact author(s)
fstandae @ uclouvain be
History
2008-01-02: revised
2007-09-13: received
Short URL
https://ia.cr/2007/356
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/356,
      author = {Christophe Petit and Francois-Xavier Standaert and Olivier Pereira and Tal G. Malkin and Moti Yung},
      title = {A Block Cipher based {PRNG} Secure Against Side-Channel Key Recovery},
      howpublished = {Cryptology {ePrint} Archive, Paper 2007/356},
      year = {2007},
      url = {https://eprint.iacr.org/2007/356}
}