Security with Noisy Data

Boris Škorić
Eindhoven University of Technology
Information Hiding 2010
Calgary, June 29
Outline
• “Security with noisy data”
- biometrics & privacy
- Physical Unclonable Functions (PUFs)
  - anti-counterfeiting
  - authentication
  - read-proof key storage
• Secure Sketches & Fuzzy Extractors
- basics
- some easy constructions
• Quantum Readout of PUFs
- remote authentication without trusted reader
- Quantum Key Distribution with authenticated quantum channel
Example A: biometric authentication
• Biometrics are not really secret
- easy to obtain
- don’t entrust important secrets to biom. key
• ... but have to be treated confidentially
- privacy legislation
- large databases, insider attacks
• Solution
- treat biom. authentication same as Unix passwords
- store hash of {biometric + salt}
• Problem
- noisy measurements
- hash has no noise tolerance
PUFs
• Relatively new security primitive (Pappu 2001)
• Physical Unclonable Function; ideally
- complex piece of material
- challenge-response behaviour
- difficult to characterize (“opaque”)
- difficult to clone physically
- difficult to emulate (“mathematical unclonability”)
• Various applications
- authentication token
- anti-counterfeiting
- secure key storage
- software to hardware binding
- tamper evidence
• Optical PUF: Pappu 2001
• Silicon PUF [Gassend et al. 2002]
• Coating PUF (TiO2, TiN): Posch 1998; Tuyls et al. 2006
• SRAM PUF: Guajardo et al.; Su et al. 2007
• FPGA ‘butterfly’ PUF: Kumar et al. 2008
Optical PUF
coherent multiple scattering
Speckle pattern:
• bright and dark spots
• looks random
• depends strongly on wavelength, angle, focus
• depends strongly on location of scattering particles
Satisfies all the “ideal PUF” requirements
and has huge number of Challenge-Response Pairs
Anti-counterfeiting
Traditional approach:
• add authenticity mark to product
• hard to forge           }
• all marks are identical } Er, ... WTF?
Imagine your company needs a security label ...
• how do you know what you are buying?
- nobody discloses technology details
- there is no “AES” for anti-counterfeiting
- perfect market for snake oil
• by the way, many of the suppliers are Chinese
Example B: anti-counterfeiting with bare PUFs
[Bauder, Simmons < 1991]
• Unique marks
- uncontrollable process
- even manufacturer cannot clone
• digitally signed by Enrollment Authority.
• Two-step verification
- check signature of Authority
- check the mark.
• Forgery needs either
- physical cloning
- or fake signature.
• Allows open approach
- no longer security-by-obscurity.
[Figure: Certificate]
Manufacturer afraid to reveal product properties
• just like biometric privacy
• store hash of {mark + salt} → problem with noise
Example C: remote authentication with bare PUF
Eve has occasional access to the PUF
Alice has {ci, Si}; Bob has the PUF
• Alice: random i; sends ci to Bob
• Bob: check if ci is replay; measure PUF response S’
• Authenticated channel; MAC key Si
• Never use i again
• PUF serves as huge repository of keys
• Problem: noisy measurements!
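The exchange in Example C, as an added sketch that is not part of the original slides. The `SimulatedPUF` class (a hidden random seed standing in for the physical object), HMAC-SHA256 as the MAC and all names are assumptions made for illustration; `run(1)` shows how a single flipped response bit breaks the scheme.

```python
import hashlib, hmac, secrets

def mac(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

class SimulatedPUF:
    """Stand-in for the physical object: a hidden seed plays the material's role."""
    def __init__(self):
        self._seed, self.noise_bits = secrets.token_bytes(32), 0
    def measure(self, challenge):
        s = bytearray(mac(self._seed, challenge))
        for i in range(self.noise_bits):        # noise: flip low bit of first bytes
            s[i] ^= 1
        return bytes(s)

class Alice:
    """Verifier: recorded the table {c_i, S_i} while she held the PUF."""
    def __init__(self, puf, n):
        self.table = []
        for _ in range(n):
            c = secrets.token_bytes(16)
            self.table.append((c, puf.measure(c)))
    def pick(self):
        i = secrets.randbelow(len(self.table))  # random i
        return self.table.pop(i)                # never use i again

class Bob:
    """Prover: holds the PUF and rejects challenges he has already answered."""
    def __init__(self, puf):
        self.puf, self.seen = puf, set()
    def respond(self, c, msg):
        if c in self.seen:
            return None                         # c_i is a replay
        self.seen.add(c)
        return mac(self.puf.measure(c), msg)    # MAC keyed with measured S'

def run(noise_bits):
    puf = SimulatedPUF()
    alice = Alice(puf, 4)                       # enrollment, assumed noiseless
    puf.noise_bits = noise_bits
    bob = Bob(puf)
    c, s = alice.pick()
    tag = bob.respond(c, b"constructed message")
    accepted = hmac.compare_digest(tag, mac(s, b"constructed message"))
    return accepted, bob.respond(c, b"again") is None, len(alice.table)
```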
Example D: Read-proof key storage
Device secrets stored during off state
• attacker has full access
• assumption: digital NV memory is insecure
Derive encryption key from Silicon/Coating PUF
• only when needed
• non-digital, hard to read from outside
• tampering destroys key
• Physically Obfuscated Key (POK)
[Diagram labels: Integrated package: POK, sensor, K, crypto processor. Insecure NV-mem: E_K[Device secrets]. Noise!]
Secure Sketches & Fuzzy Extractors
A special kind of noise correction
Juels, Wattenberg 1999
Dodis, Reyzin, Smith 2003
Linnartz, Tuyls 2003
Redundancy data
• required for error correction
• created at enrollment
• assumed public
• must not leak
Secure Sketch
X → SS → W (helper data)
X’, W → Rec → X̂
• Prob[X̂ ≠ X] is low
• I(W; X) is small
Fuzzy Extractor
X → Gen → S, W (helper data)
X’, W → Rep → S’
• Prob[S’ ≠ S] is low
• I(W; S) is small
• don’t care about I(W; X)
Protecting the helper data (no PKI)
“robustness” of helper data
Random oracle model (Boyen 2005)
• SS(x): w and h = hash(x, w)
• attack: w’, h’
• Rec(x’, w’): x̂
• Check h’ == hash(x̂, w’)
Standard model, “KMS-MAC” (Cramer et al. 2008)
• Gen(x): s = s1||s2
• Use s2 as secret
• w and m = MAC(s1, w)
• attack: w’, m’
• Rep(x’, w’): s’ = s’1||s’2
• Check m’ == MAC(s’1, w’)
Which technique to use, SS or FE?
Columns: Application | privacy of X? | uniform secret? | Technique
Applications, in the order listed: bare PUF; password authent.; biometric authent.; anticounterfeiting PUF; anticounterfeiting PUF; PUF authent. w/o MACs; PUF authent. with MACs; POK
Techniques, in the order listed: One-Way Function; Secure Sketch + OWF; Secure Sketch + OWF; -----; Fuzzy Extractor; Fuzzy Extractor
Bluff your way in Secure Sketches
Discrete non-uniform noisy X.
Enrollment phase:
w ← SS(x)
Reconstruction phase:
x̂ = Rep(x’, w)
Secure Sketch: privacy of X
How much does W leak?
• position of X in a tile
How bad is that?
• generally not so bad
• sort of “least significant bits”
• subject to noise anyway
Can you do without helper data?
• only if all enrollments occur first
• but then the ECC leaks
Fuzzy Extractor: generic construction from SS
Dodis, Reyzin, Smith 2003
• Gen: X → SS → W; X and random r → UHF → S
• public: W and r
• Rep: X’, W → Rec → x̂; x̂ and r → UHF → S’
UHF = universal hash function
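A runnable sketch of the generic construction, added here and not taken from the slides. The secure sketch is instantiated with a code-offset over a 5-fold repetition code and the UHF with a random binary matrix over GF(2); both choices, and all function names, are assumptions for illustration. It also shows the problem from Example A: the salted hash changes under noise while the extracted key does not.

```python
import hashlib, secrets

REP = 5  # assumed toy ECC: 5-fold repetition code, corrects 2 flips per block

def encode(bits):
    return [b for b in bits for _ in range(REP)]
def decode(bits):
    return [int(sum(bits[i:i + REP]) > REP // 2) for i in range(0, len(bits), REP)]
def xor(a, b):
    return [p ^ q for p, q in zip(a, b)]

def sketch(x):
    """SS: helper data w = x XOR random codeword (code-offset, assumed here)."""
    k = [secrets.randbelow(2) for _ in range(len(x) // REP)]
    return xor(x, encode(k))

def recover(x_noisy, w):
    """Rec: snap x' XOR w to the nearest codeword, then shift back to x-hat."""
    return xor(w, encode(decode(xor(x_noisy, w))))

def uhf(x, r):
    """Universal hash: binary matrix r times x over GF(2)."""
    return [sum(a & b for a, b in zip(row, x)) & 1 for row in r]

def gen(x, out_bits):      # Gen: secret S plus public helper data (W, r)
    w = sketch(x)
    r = [[secrets.randbelow(2) for _ in x] for _ in range(out_bits)]
    return uhf(x, r), (w, r)

def rep(x_noisy, helper):  # Rep: S' = UHF(Rec(x', W), r)
    w, r = helper
    return uhf(recover(x_noisy, w), r)

def salted_hash(x, salt):
    return hashlib.sha256(salt + bytes(x)).hexdigest()

def flip(x, positions):
    return [b ^ (i in positions) for i, b in enumerate(x)]

def demo():
    x = [secrets.randbelow(2) for _ in range(40)]  # constructed enrollment measurement
    salt = secrets.token_bytes(16)
    s, helper = gen(x, 4)
    light = flip(x, {3, 17, 38})  # one flip in each of three blocks: correctable
    heavy = flip(x, {0, 1, 2})    # three flips in one block: beyond the code
    return {"hash_survives_noise": salted_hash(x, salt) == salted_hash(light, salt),
            "key_survives_noise": rep(light, helper) == s,
            "x_recovered_heavy": recover(heavy, helper[0]) == x}
```

With 40 uniform input bits and 8 message bits in the code, the helper data leaves at most 8 bits of uncertainty about x, which is why only 4 key bits are extracted.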
Almost Universal Hash Functions
$\Phi: \mathcal{X} \times \mathcal{R} \to \mathcal{T}$ is called $\eta$-almost universal if, for fixed $x, x' \in \mathcal{X}$ with $x' \neq x$ and $R$ drawn uniformly from $\mathcal{R}$,
$$\mathrm{Prob}[\Phi_R(x) = \Phi_R(x')] \le \eta$$
Called Universal for $\eta = 1/|\mathcal{T}|$
Carter, Wegman 1979
Leftover hash lemma
Let $X \in \mathcal{X}$ and $Y$ be jointly distributed. If $F: \mathcal{X} \times \mathcal{R} \to \{0,1\}^{\ell}$ is $2^{-\ell}(1+\delta)$-almost universal, then
$$\Delta\big(F(X,R)\,Y R;\; U_{\ell}\, Y R\big) \le \frac{1}{2}\sqrt{\delta + 2^{\ell - \tilde{H}_2(X|Y)}}$$
Distance of F(X,R) from uniformity, given Y and R
Extractable randomness
Invert the leftover hash lemma:
$$\ell_{\rm ext}^{\varepsilon}(X|Y) \ge \tilde{H}_2(X|Y) + 2 - 2\log\frac{1}{\varepsilon}$$
The last term is the penalty due to uniformity requirement
Rather bad
• $H_2 \le$ Shannon entropy
• Penalty term depends on $\varepsilon$, not on uniformity improvement.
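A numerical check of the leftover hash lemma and the inverted bound, added here and not part of the slides. It assumes no side information Y, a constructed 6-bit biased source, and the family x → Mx over GF(2) (universal, so δ = 0), and computes the distance from uniformity exactly by enumerating every seed.

```python
from itertools import product
from math import log2, sqrt

N, ELL = 6, 2   # constructed toy sizes: 6-bit source, 2-bit output

def source(p=0.8):
    """Non-uniform X: N independent bits, each equal to 0 with probability p."""
    px = {}
    for x in range(2 ** N):
        ones = bin(x).count("1")
        px[x] = p ** (N - ones) * (1 - p) ** ones
    return px

def h2(px):
    """Collision (Renyi-2) entropy in bits."""
    return -log2(sum(q * q for q in px.values()))

def shannon(px):
    return -sum(q * log2(q) for q in px.values() if q > 0)

def F(x, rows):
    """Universal family: x -> M x over GF(2); the seed is the ELL rows of M."""
    return tuple(bin(row & x).count("1") & 1 for row in rows)

def distance_from_uniform(px):
    """Exact Delta(F(X,R) R ; U_ell R): average over every seed r."""
    total = 0.0
    for rows in product(range(2 ** N), repeat=ELL):
        out = {}
        for x, q in px.items():
            t = F(x, rows)
            out[t] = out.get(t, 0.0) + q
        total += 0.5 * sum(abs(out.get(t, 0.0) - 2 ** -ELL)
                           for t in product((0, 1), repeat=ELL))
    return total / (2 ** N) ** ELL

def lhl_bound(px, ell=ELL, delta=0.0):
    return 0.5 * sqrt(delta + 2 ** (ell - h2(px)))

def extractable_bits(px, eps):
    """Lower bound H2(X) + 2 - 2 log2(1/eps) obtained by inverting the lemma."""
    return h2(px) + 2 - 2 * log2(1 / eps)
```

For this source the bound on extractable bits is already negative at ε = 0.01, even though the Shannon entropy is above 4 bits.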
Basic examples of Fuzzy Extractors
Fuzzy Extractor purely from UHFs
Škorić, Tuyls 2008
[Figure labels: helper data; MAC key; MAC on w]
Fuzzy Extractor from partitions
Verbitskiy, Tuyls, Schoenmakers, Škorić 2008
• First partition: equiprobable keys
• 2nd partition: helper data, equiprob. subpartitions
• S | W=w is uniform
Other interesting topics
• PUFs for SW-HW binding
• reconfigurable PUFs for trusted computing
• multiple-rounds randomness extraction
• noisy identification; search in fuzzy database
• tradeoff privacy vs. key rate
• ....
Quantum read-out of PUFs
Making jokes is dangerous
Way back in 2003
Theoretical physicists ...
Let’s do quantum PUFs!
Ha Ha Ha! Har! Har!
Summer of 2009
Er ..., actually it does make sense
Remote PUF authentication
What if:
• we want to authenticate a PUF by challenge-response
• it has little entropy → emulatable
• it is in hostile territory
Answer:
• must be sure that right type of object is probed
• we need a trusted device in hostile territory
That’s obvious, right?
Quantum physics 101
• Measurement collapses state
• No generic quantum evolution that achieves
$$U\,|\psi\rangle \otimes |e\rangle = |\psi\rangle \otimes |\psi\rangle \quad \text{for all } \psi$$
Wootters+Zurek 1982, Dieks 1982
Executive summary for cryptographers:
• Measurement of unknown state kills info
• No cloning
Quantum readout of PUF
New insight:
• combine classical unclonability with quantum no-cloning
• challenge a PUF with unclonable quantum states
→ response is also unclonable quantum state
→ eavesdropping on challenge/response is detected
→ no more need for remote trusted device!
Example: Optical PUF challenged with single photons!
Challenge $|\psi\rangle$, response $R|\psi\rangle$
[No Secure Sketch or Fuzzy Extractor required]
The long arm of quantum physics
Assumptions
• Known physics is correct.
• Attacker has full knowledge of the PUF.
• Physical cloning is infeasible
• Quantum emulation is infeasible
- large quantum computer
- two quantum teleports
My very own security assumption!
Authenticated quantum channel
Quantum Key Distribution through a PUF
[Diagram: states $|\psi\rangle$, $R|\psi\rangle$, $T|\psi\rangle$; labels “Use for QKD” and “Use for PUF authentication”]
• Usually the classical channel is authenticated (MACs)
• Now it is the quantum channel
Concluding remarks
Multi-disciplinary
FUZZY EXTRACTION FROM PUF
• quantum physics
• information theory
• crypto
• error-correcting codes
• security engineering
After years of preaching the PUF gospel ...
Summary (sort of)
Main messages
• You may encounter noise in your security problem
• Well known methods to deal with it
- secure sketch
- fuzzy extractor
- universal hash functions
- it can be very simple
• Quantum physics can extend “control”
- remote PUF authentication without trusted device
- authenticated quantum channel for QKD