(Continuous) Non-malleable Codes for Partial Functions with Manipulation Detection and Light Updates

IF 2.3 3区计算机科学 Q2 COMPUTER SCIENCE, THEORY & METHODS

Journal of Cryptology Pub Date : 2024-04-03 DOI:10.1007/s00145-024-09498-2

Aggelos Kiayias, Feng-Hao Liu, Yiannis Tselekounis

{"title":"(Continuous) Non-malleable Codes for Partial Functions with Manipulation Detection and Light Updates","authors":"Aggelos Kiayias, Feng-Hao Liu, Yiannis Tselekounis","doi":"10.1007/s00145-024-09498-2","DOIUrl":null,"url":null,"abstract":"<p>Non-malleable codes were introduced by Dziembowski et al. (in: Yao (ed) ICS2010, Tsinghua University Press, 2010), and its main application is the protection of cryptographic devices against tampering attacks on memory. In this work, we initiate a comprehensive study on non-malleable codes for the class of partial functions, that read/write on an arbitrary subset of codeword bits with specific cardinality. We present two constructions: the first one is in the CRS model and allows the adversary to selectively choose the subset of codeword bits, while the latter is in the standard model and adaptively secure. Our constructions are efficient in terms of information rate, while allowing the attacker to access asymptotically almost the entire codeword. In addition, they satisfy a notion which is stronger than non-malleability, that we call non-malleability with manipulation detection, guaranteeing that any modified codeword decodes to either the original message or to <span>\\(\\bot \\)</span>. We show that our primitive implies All-Or-Nothing Transforms (AONTs), and as a result our constructions yield efficient AONTs under standard assumptions (only one-way functions), which, to the best of our knowledge, was an open question until now. Furthermore, we construct a notion of continuous non-malleable codes (CNMC), namely CNMC with light updates, that avoids the full re-encoding process and only uses shuffling and refreshing operations. Finally, we present a number of additional applications of our primitive in tamper resilience.</p>","PeriodicalId":54849,"journal":{"name":"Journal of Cryptology","volume":"40 1","pages":""},"PeriodicalIF":2.3000,"publicationDate":"2024-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cryptology","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s00145-024-09498-2","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Non-malleable codes were introduced by Dziembowski et al. (in: Yao (ed) ICS2010, Tsinghua University Press, 2010), and its main application is the protection of cryptographic devices against tampering attacks on memory. In this work, we initiate a comprehensive study on non-malleable codes for the class of partial functions, that read/write on an arbitrary subset of codeword bits with specific cardinality. We present two constructions: the first one is in the CRS model and allows the adversary to selectively choose the subset of codeword bits, while the latter is in the standard model and adaptively secure. Our constructions are efficient in terms of information rate, while allowing the attacker to access asymptotically almost the entire codeword. In addition, they satisfy a notion which is stronger than non-malleability, that we call non-malleability with manipulation detection, guaranteeing that any modified codeword decodes to either the original message or to \(\bot \). We show that our primitive implies All-Or-Nothing Transforms (AONTs), and as a result our constructions yield efficient AONTs under standard assumptions (only one-way functions), which, to the best of our knowledge, was an open question until now. Furthermore, we construct a notion of continuous non-malleable codes (CNMC), namely CNMC with light updates, that avoids the full re-encoding process and only uses shuffling and refreshing operations. Finally, we present a number of additional applications of our primitive in tamper resilience.

查看原文本刊更多论文

(带操纵检测和光更新的部分函数的（连续）不可并行代码

不可并行码是由 Dziembowski 等人提出的（见《ICS2010》，清华大学出版社，2010 年）：其主要应用是保护加密设备免受对内存的篡改攻击。在这项工作中，我们开始全面研究部分函数类的不可并行代码，这些部分函数可在具有特定心数的任意编码字比特子集上进行读/写。我们提出了两种构造：第一种是 CRS 模型，允许对手有选择地选择码元比特子集；第二种是标准模型，具有自适应安全性。我们的结构在信息速率方面是高效的，同时允许攻击者渐近地访问几乎整个码字。此外，它们还满足一个比非可并行性更强的概念，我们称之为具有操纵检测的非可并行性，保证任何修改过的编码词要么解码为原始信息，要么解码为（\bot \）。我们证明，我们的基元意味着全或无变换（AONTs），因此，我们的构造在标准假设（仅单向函数）下产生了高效的全或无变换，而据我们所知，在此之前，这还是一个未决问题。此外，我们还构建了一种连续不可并行编码（CNMC）的概念，即具有轻更新的 CNMC，它避免了完整的重新编码过程，只使用洗牌和刷新操作。最后，我们介绍了我们的基元在防篡改方面的其他一些应用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Cryptology 工程技术-工程：电子与电气

CiteScore

7.10

自引率

3.30%

发文量

审稿时长

18 months

期刊介绍： The Journal of Cryptology is a forum for original results in all areas of modern information security. Both cryptography and cryptanalysis are covered, including information theoretic and complexity theoretic perspectives as well as implementation, application, and standards issues. Coverage includes such topics as public key and conventional algorithms and their implementations, cryptanalytic attacks, pseudo-random sequences, computational number theory, cryptographic protocols, untraceability, privacy, authentication, key management and quantum cryptography. In addition to full-length technical, survey, and historical articles, the journal publishes short notes.