Unbounded Leakage-Resilience and Intrusion-Detection in a Quantum World

Alper Cakan; Vipul Goyal; Chen-Da Liu-Zhang; João Ribeiro

Paper 2023/410

Unbounded Leakage-Resilience and Intrusion-Detection in a Quantum World

Alper Cakan

, Carnegie Mellon University

Vipul Goyal, NTT Research, Carnegie Mellon University

Chen-Da Liu-Zhang, Luzern University of Applied Sciences and Arts, Web3 Foundation

João Ribeiro, NOVA LINCS, NOVA School of Science and Technology

Abstract

Can an adversary hack into our computer and steal sensitive data such as cryptographic keys? This question is almost as old as the Internet and significant effort has been spent on designing mechanisms to prevent and detect hacking attacks. Once quantum computers arrive, will the situation remain the same or can we hope to live in a better world? We first consider ubiquitous side-channel attacks, which aim to leak side information on secret system components, studied in the leakage-resilient cryptography literature. Classical leakage-resilient cryptography must necessarily impose restrictions on the type of leakage one aims to protect against. As a notable example, the most well-studied leakage model is that of bounded leakage, where it is assumed that an adversary learns at most bits of leakage on secret components, for some leakage bound . Although this leakage bound is necessary, many real-world side-channel attacks cannot be captured by bounded leakage. In this work, we design cryptographic schemes that provide guarantees against arbitrary side-channel attacks: - Using techniques from unclonable quantum cryptography, we design several basic leakage-resilient primitives, such as public- and private-key encryption, (weak) pseudorandom functions, and digital signatures which remain secure under (polynomially) unbounded classical leakage. In particular, this leakage can be much longer than the (quantum) secret being leaked upon. In our view, leakage is the result of observations of quantities such as power consumption and hence is most naturally viewed as classical information. Notably, the leakage-resilience of our schemes holds even in the stronger adaptive "LOCC leakage'' model where the main adversary and the leakage adversary can cooperate via arbitrary local quantum operations and two-way classical communication in multiple rounds. - What if the adversary simply breaks in and obtains unbounded quantum leakage (thus making leakage-resilience impossible)? Going beyond leakage, what if the adversary can even tamper with the data arbitrarily? We initiate the study of intrusion-detection in the quantum setting, where one would like to detect if security has been compromised even in the face of an arbitrary intruder attack which can leak and tamper with classical as well as quantum data. We design cryptographic schemes supporting intrusion detection for a host of primitives such as public- and private-key encryption, digital signature, functional encryption, program obfuscation and software protection. Our schemes are based on techniques from cryptography with secure key leasing and certified deletion.

Note: Major revision

Metadata

Available format(s): PDF
Category: Foundations
Publication info: Preprint.
Keywords: quantum cryptography leakage-resilient cryptography
Contact author(s): acakan @ andrew cmu edu
vipul @ cmu edu
chen-da liuzhang @ ntt-research com
joao ribeiro @ fct unl pt
History: 2023-10-24: revised; 2023-03-21: received; See all versions
Short URL: https://ia.cr/2023/410
License: CC BY

BibTeX

@misc{cryptoeprint:2023/410,
      author = {Alper Cakan and Vipul Goyal and Chen-Da Liu-Zhang and João Ribeiro},
      title = {Unbounded Leakage-Resilience and Intrusion-Detection in a Quantum World},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/410},
      year = {2023},
      url = {https://eprint.iacr.org/2023/410}
}