Abstract
Adversarial implementations of cryptographic primitives called kleptographic attacks cause the leakage of secret information.Subliminal channel attacks are one of the kleptographic attacks.In such attacks,backdoors are embedded in implementations of randomized algorithms to elaborately control ran-domness generation,such that the secrets will be leaked from biased outputs.To thwart subliminal channel attacks,double-splitting is a feasible solution,which splits the randomness generator of a randomized algo-rithm into two independent generators.In this paper,we instantiate double-splitting to propose a secure randomness generation algorithm dubbed SRG using two physically independent generators:ordinary and public randomness generators.Based on public blockchains,we construct the public randomness generator,which can be verified publicly.Hashes of a sufficient number of consecutive blocks that are newly confirmed on a blockchain are used to produce public randomness.In SRG,outputs from the two generators are taken as inputs of an immunization function.SRG accomplishes immunization against subliminal channel attacks.Additionally,we discuss the application strategies of SRG for symmetric and public-key encryption.
基金项目
National Nature Science Foundation of China(62272091)
National Nature Science Foundation of China(61872060)
National Key R&D Program of China(2017YFB0802000)
NETL
NSTL
万方数据