Cryptology ePrint Archive: Report 2010/503

BiTR: Built-in Tamper Resilience

Seung Geol Choi and Aggelos Kiayias and Tal Malkin

Abstract: The assumption of the availability of tamper-proof hardware tokens has been used extensively in the design of cryptographic primitives. For example, Katz (Eurocrypt 2007) suggests them as an alternative to other setup assumptions, towards achieving general UC-secure multi-party computation. On the other hand, a lot of recent research has focused on protecting security of various cryptographic primitives against physical attacks such as leakage and tampering.

In this paper we put forward the notion of Built-in Tamper Resilience (BiTR) for cryptographic protocols, capturing the idea that the protocol that is encapsulated in a hardware token preserves its security properties even when an adversary may tamper with its secret state. Our definition is within the UC model, and can be viewed as unifying and extending several prior related works. We provide a composition theorem for BiTR security of protocols, as well as several BiTR constructions for specific cryptographic protocols or tampering function classes. In particular, relaxing the tamper-proof token assumption of Katz's work, we achieve UC-secure computation based on a hardware token that may be susceptible to affine tampering attacks. We also present BiTR proofs for identification and signature schemes in the same tampering model. We next observe that non-malleable codes can be used as state encodings to prove the BiTR property and show new positive results for deterministic non-malleable encodings (as opposed to probabilistic that were previously known) for various classes of tampering functions.

Category / Keywords: cryptographic protocols / tamper-proof hardware, tamper resilience, universal composability, secure computation, non-malleable codes

Publication Info: Asiacrypt 2011

Date: received 1 Oct 2010, last revised 16 Jan 2012

Contact author: sgchoi at cs umd edu

Available format(s): PDF | BibTeX Citation

Version: 20120116:194912 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]