As a special type of fault injection attacks, Related-Key Attacks (RKAs) allow an adversary to manipulate a cryptographic key and subsequently observe the outcomes of the cryptographic scheme under these modified keys. In the real life, related-key attacks are already practical enough to be implemented on cryptographic devices. To avoid cryptographic devices suffering from related-key attacks, it is necessary to design a cryptographic scheme that resists against such attacks. This paper proposes an efficient RKA-secure Key Encapsulation Mechanism (KEM), in which the adversary can modify the secret key sk to any value f(sk), as long as, f is a polynomial function of a bounded degree d. Especially, the polynomial-RKA security can be reduced to a hard search problem, namely d-extended computational Bilinear Diffie-Hellman (BDH) problem, in the standard model. Our construction essentially refines the security of Haralambiev et al.’s BDH-based KEM scheme from chosen-ciphertext security to related-key security. The main technique applied in our scheme is the re-computation of the public key in the decryption algorithm so that any (non-trivial) modification to the secret key can be detected.
Key-encapsulation mechanism, Related-key attacks, BDH
Hardware Systems | Software Engineering
QIN, Brandon; LIU, Shengli; SUN, Shifeng; DENG, Robert H.; and GU, Dawu.
Related-key secure key encapsulation from extended computational bilinear Diffie–Hellman. (2017). Information Sciences. 406-407, 1-11. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/3678
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.