Implementing a leakage-resilient storage scheme and a refreshing protocol to prevent continuous leakage attacks
| dc.contributor.author | Alawatugoda, J. | |
| dc.contributor.author | Eranga, D. | |
| dc.contributor.author | Jayanath, N. | |
| dc.contributor.author | Somathilaka, C. | |
| dc.contributor.author | Ragel, R. | |
| dc.date.accessioned | 2025-10-31T08:40:44Z | |
| dc.date.available | 2025-10-31T08:40:44Z | |
| dc.date.issued | 2016-11-05 | |
| dc.description.abstract | Although cryptographic schemes are designed to be computationally hard to break, information leaking from their implementations (timing, EM radiation, power traces) may give an attacker sufficient power to break the system by fully or partially recovering secret parameters such as secret keys. Such attacks are known as side-channel attacks. Secret data can leak to the attacker while it is stored in memory or involved in computations. Leakage-resilient cryptography aims to design cryptographic schemes that are proven secure against side-channel attacks. If the secret value has a small number of bytes, the attacker can obtain a bounded amount of bytes from a side-channel attack and get the rest of the bytes by brute-forcing. In this work, we implement a leakage-resilient (LR) storage scheme and its refreshing protocol. The LR storage scheme can securely store a secret in memory against side-channel attacks (bounded memory leakage attacks), and the refreshing protocol can protect the secret from repeatedly occurring side-channel attacks (continuous leakage attacks). The LR storage scheme and protocol work as follows: the LR storage scheme expands the number of bytes of the secret into a very large amount of bytes, without damaging the actual value. The attacker then has to steal a lot of bytes to recover the secret. Usually, such a large amount of bytes cannot be obtained by side-channel attacks. If the attacker obtains continuous leakage, then the attacker has a chance of revealing a large amount of bytes of the secret. Therefore, the refreshing protocol continuously refreshes the expanded value, without damaging the actual secret value. In order to achieve high security, we have to sacrifice efficiency by introducing additional computations in expanding the secret value and refreshing. As a solution for that, we use the GPU for those computations by implementing them in CUDA. As a real-world application of this implementation, we can integrate the LR storage scheme and the refreshing protocol with a Diffie-Hellman-based key exchange protocol and the RSA algorithm, to implement them in a leakage-resilient manner. | |
| dc.identifier.citation | Proceedings of the Peradeniya University International Research Sessions (iPURSE) – 2016, University of Peradeniya, P 284 | |
| dc.identifier.isbn | 978-955-589-225-4 | |
| dc.identifier.uri | https://ir.lib.pdn.ac.lk/handle/20.500.14444/5868 | |
| dc.language.iso | en_US | |
| dc.publisher | University of Peradeniya, Sri Lanka | |
| dc.subject | Leakage-resilient | |
| dc.subject | GPU | |
| dc.subject | CUDA | |
| dc.subject | RSA algorithm | |
| dc.title | Implementing a leakage-resilient storage scheme and a refreshing protocol to prevent continuous leakage attacks | |
| dc.type | Article |