-
Article
Fast Large-Scale Honest-Majority MPC for Malicious Adversaries
Protocols for secure multiparty computation enable a set of parties to compute a function of their inputs without revealing anything but the output. The security properties of the protocol must be preserved in...
-
Chapter and Conference Paper
Side-Channeling the Kalyna Key Expansion
In 2015, the block cipher Kalyna has been approved as the new encryption standard of Ukraine. The cipher is a substitution-permutation network, whose design is based on AES, but includes several different feat...
-
Chapter and Conference Paper
Snapshot-Oblivious RAMs: Sub-logarithmic Efficiency for Short Transcripts
Oblivious RAM (ORAM) is a powerful technique to prevent harmful data breaches. Despite tremendous progress in improving the concrete performance of ORAM, it remains too slow for use in many practical settings;...
-
Chapter and Conference Paper
Drive-By Key-Extraction Cache Attacks from Portable Code
We show how malicious web content can extract cryptographic secret keys from the user’s computer. The attack uses portable scripting languages supported by modern browsers to induce contention for CPU cache re...
-
Chapter and Conference Paper
Best of Both Worlds in Secure Computation, with Low Communication Overhead
When performing a secure multiparty computation with a few hundred parties, using the best protocols known today, bandwidth constraints are the primary bottleneck. A long line of work demonstrates that n parties ...
-
Chapter and Conference Paper
Fast Large-Scale Honest-Majority MPC for Malicious Adversaries
Protocols for secure multiparty computation enable a set of parties to compute a function of their inputs without revealing anything but the output. The security properties of the protocol must be preserved in...
-
Chapter and Conference Paper
Closure Under Reversal of Languages over Infinite Alphabets
It is shown that languages definable by weak pebble automata are not closed under reversal. For the proof, we establish a kind of periodicity of an automaton’s computation over a specific set of words. The per...
-
Article
CacheBleed: a timing attack on OpenSSL constant-time RSA
The scatter–gather technique is a commonly implemented approach to prevent cache-based timing attacks. In this paper, we show that scatter–gather is not constant time. We implement a cache timing attack agains...
-
Article
Acoustic Cryptanalysis
Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: They can convey information about the sof...
-
Chapter and Conference Paper
How to Construct a Leakage-Resilient (Stateless) Trusted Party
Trusted parties and devices are commonly used in the real world to securely perform computations on secret inputs. However, their security can often be compromised by side-channel attacks in which the adversar...
-
Chapter and Conference Paper
Sliding Right into Disaster: Left-to-Right Sliding Windows Leak
It is well known that constant-time implementations of modular exponentiation cannot use sliding windows. However, software libraries such as Libgcrypt, used by GnuPG, continue to use sliding windows. It is wi...
-
Chapter and Conference Paper
Computational Integrity with a Public Random String from Quasi-Linear PCPs
A party executing a computation on behalf of others may benefit from misreporting its output. Cryptographic protocols that detect this can facilitate decentralized systems with stringent computational integrit...
-
Chapter and Conference Paper
ECDH Key-Extraction via Low-Bandwidth Electromagnetic Attacks on PCs
We present the first physical side-channel attack on elliptic curve cryptography running on a PC. The attack targets the ECDH public-key encryption algorithm, as implemented in the latest version of GnuPG. By ...
-
Chapter and Conference Paper
Binary AMD Circuits from Secure Multiparty Computation
An AMD circuit over a finite field \(\mathbb{F}\) ...
-
Chapter and Conference Paper
CacheBleed: A Timing Attack on OpenSSL Constant Time RSA
The scatter-gather technique is a commonly implemented approach to prevent cache-based timing attacks. In this paper we show that scatter-gather is not constant time. We implement a cache timing attack against...
-
Article
Get your hands off my laptop: physical side-channel key-extraction attacks on PCs
We demonstrate physical side-channel attacks on a popular software implementation of RSA and ElGamal, running on laptop computers. Our attacks use novel side channels, based on the observation that the “ground...
-
Chapter and Conference Paper
Efficient Multi-party Computation: From Passive to Active Security via Secure SIMD Circuits
A central problem in cryptography is that of converting protocols that offer security against passive (or semi-honest) adversaries into ones that offer security against active (or malicious) adversaries. This ...
-
Chapter and Conference Paper
Stealing Keys from PCs Using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation
We present new side-channel attacks on RSA and ElGamal implementations that use sliding-window or fixed-window (m-ary) modular exponentiation. The attacks extract decryption keys using a very low measurement band...
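The two entries above (Sliding Right into Disaster, and the windowed-exponentiation attack here) both rest on the fact that the sequence of squarings and multiplications in a left-to-right sliding-window exponentiation depends on the exponent bits, while a fixed-window (m-ary) loop has a uniform sequence. The following is an added illustration, not code from either paper or from Libgcrypt/GnuPG: a toy implementation of both exponentiation variants that records the square/multiply trace, plus a recovery routine that derives, from the sliding-window trace alone, the exponent bits the trace pins down. The bit-recovery rules are derived directly from the toy algorithm's behaviour (window ends at a 1, consecutive window starts are at least w bits apart, gaps between windows are zeros), not copied from the paper's rule set; the modulus, base and exponent values are constructed for the demonstration.

```python
"""Sliding-window vs fixed-window modular exponentiation with the
square ('S') / multiply ('M') operation sequence recorded, and a routine
that shows which exponent bits a left-to-right sliding-window trace leaks.
Added illustration with toy parameters; not GnuPG/Libgcrypt code."""


def precompute_odd_powers(base, mod, w):
    """base^k mod n for odd k < 2^w, the table a sliding-window loop uses."""
    table, base_sq, power = {}, base * base % mod, base % mod
    for k in range(1, 1 << w, 2):
        table[k] = power
        power = power * base_sq % mod
    return table


def ltr_sliding_window(base, exp, mod, w):
    """Left-to-right sliding-window exponentiation.
    Returns (result, trace).  Every bit position costs exactly one 'S';
    an 'M' follows the 'S' of the last bit of each window."""
    bits = bin(exp)[2:]                       # MSB first, no leading zeros
    table = precompute_odd_powers(base, mod, w)
    result, trace, i, n = 1, [], 0, len(bits)
    while i < n:
        if bits[i] == '0':                    # lone zero: just square
            result = result * result % mod
            trace.append('S')
            i += 1
            continue
        j = min(i + w - 1, n - 1)             # greedy window of w bits...
        while bits[j] == '0':                 # ...trimmed so it ends in a 1
            j -= 1
        for _ in range(j - i + 1):
            result = result * result % mod
            trace.append('S')
        result = result * table[int(bits[i:j + 1], 2)] % mod
        trace.append('M')
        i = j + 1
    return result, ''.join(trace)


def fixed_window(base, exp, mod, w):
    """Fixed-window (m-ary, m = 2^w) exponentiation.  Each window costs w
    squares and one multiply regardless of its value, so the S/M sequence is
    independent of the exponent; only the table index remains secret-dependent."""
    bits = bin(exp)[2:]
    bits = '0' * (-len(bits) % w) + bits      # pad to a multiple of w bits
    table = [1]
    for _ in range(1, 1 << w):
        table.append(table[-1] * base % mod)
    result, trace = 1, []
    for i in range(0, len(bits), w):
        for _ in range(w):
            result = result * result % mod
            trace.append('S')
        result = result * table[int(bits[i:i + w], 2)] % mod
        trace.append('M')
    return result, ''.join(trace)


def recover_bits_from_trace(trace, w):
    """Exponent bits implied by an ltr_sliding_window trace ('0', '1', '?').
    Facts used: the bit at an 'M' is 1; the first window starts at the MSB;
    a window starts at the first 1 after the previous window and spans at
    most w bits, so consecutive starts are >= w apart; bits between windows
    and after the last window are 0."""
    n, pos, mults = trace.count('S'), -1, []
    for op in trace:
        if op == 'S':
            pos += 1
        else:
            mults.append(pos)                 # bit index of each multiply
    if not mults:
        return '0' * n
    k = len(mults)
    lo, hi = [0] * k, [0] * k                 # bounds on each window start
    for j, p in enumerate(mults):
        prev_end = mults[j - 1] if j else -1
        lo[j] = max(prev_end + 1, p - w + 1, lo[j - 1] + w if j else 0)
    for j in range(k - 1, -1, -1):
        if j == 0:
            hi[j] = 0                         # first window starts at the MSB
        elif j == k - 1:
            hi[j] = mults[j]
        else:
            hi[j] = min(mults[j], hi[j + 1] - w)
    bits = ['?'] * n
    for j, p in enumerate(mults):
        bits[p] = '1'                         # window ends in a 1
        prev_end = mults[j - 1] if j else -1
        for q in range(prev_end + 1, lo[j]):  # gap before the window
            bits[q] = '0'
        if lo[j] == hi[j]:                    # start position pinned down
            bits[lo[j]] = '1'
    for q in range(mults[-1] + 1, n):         # nothing after the last window
        bits[q] = '0'
    return ''.join(bits)


if __name__ == '__main__':
    base, mod, w = 5, (1 << 61) - 1, 4        # constructed toy parameters
    exp = 0xC3A519F27E4B0D61                  # constructed 64-bit exponent
    _, tr = ltr_sliding_window(base, exp, mod, w)
    rec = recover_bits_from_trace(tr, w)
    print('sliding trace :', tr)
    print('true bits     :', bin(exp)[2:])
    print('recovered     :', rec, f'({rec.count("?")} unknown)')
    print('fixed trace   :', fixed_window(base, exp, mod, w)[1])
```

The sliding-window trace is different for different exponents and the recovery routine marks every position it can prove; the fixed-window trace is the same string for every exponent of a given length, which is why constant-time implementations use fixed windows and then still have to make the table lookup itself secret-independent.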
-
Chapter and Conference Paper
RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis
Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: as we show in this paper, they can leak t...
-
Chapter and Conference Paper
Get Your Hands Off My Laptop: Physical Side-Channel Key-Extraction Attacks on PCs
We demonstrate physical side-channel attacks on a popular software implementation of RSA and ElGamal, running on laptop computers. Our attacks use novel side channels, based on the observation that the “ground...