A survey of Microarchitectural Side-channel Vulnerabilities, Attacks, and Defenses in Cryptography



Date: 03.05.2023
Post-quantum cryptography. The advent of quantum computers in the near future can break the security of classical asymmetric cryptography. As such, post-quantum cryptography, a family of asymmetric ciphers, has been proposed to survive attacks by a quantum computer. One popular scheme is lattice-based cryptography. For instance, NTRU [95] utilizes simple polynomial multiplication in the ring of truncated polynomials. The Bimodal Lattice Signature Scheme (BLISS) [65] provides digital signatures that are secure against quantum computers. Other algorithms have been proposed based on the Ring Learning With Errors (RLWE) hard problem [135].

Cryptographic protocol. SSL/TLS allows a server and a client to use the handshake protocol to exchange a symmetric key K for later secure communications. Specifically, the client first sends a list of its supported cipher suites and the server responds with a list of its supported cipher suites and the server certificate. Then the client picks a cipher (e.g., RSA) supported by both parties and generates a random secret string K as the master key. The client generates a random non-zero padding string pad that is at least 8 bytes, creates a block 0x00 || 0x02 || pad || 0x00 || K, encrypts it using the server’s public key, and sends the ciphertext to the server. The server decrypts and accepts the message only when the format is valid. Finally, the server sends a “finished” message to the client and the client replies with a “finished” message, marking the completion of the key exchange.
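The server-side format check on the decrypted block 0x00 || 0x02 || pad || 0x00 || K, as an added example that is not code from the survey or from any TLS library. Because the survey's subject is side channels, the check scans the whole block with no early exit and makes a single accept/reject decision at the end; whether the compiled code is free of secret-dependent branches would still have to be verified on the generated assembly. The names `is_zero` and `parse_block` and the sample blocks are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* 0xFF when x == 0, otherwise 0x00, computed without a branch on x. */
static uint8_t is_zero(uint8_t x) {
    return (uint8_t)(((uint32_t)x - 1u) >> 24);
}

/* Validate em[0..len) as 0x00 || 0x02 || pad || 0x00 || K.
 * Returns the offset of K inside em, or -1 if the format is invalid.
 * len is public; the byte values are treated as secret. */
long parse_block(const uint8_t *em, size_t len) {
    uint8_t bad, found = 0;
    size_t sep = 0, i, too_short;

    if (len < 11) return -1;            /* 2 header + 8 pad + 1 separator */
    bad  = (uint8_t)~is_zero(em[0]);
    bad |= (uint8_t)~is_zero(em[1] ^ 0x02);
    for (i = 2; i < len; i++) {         /* always scans the whole block */
        uint8_t z = is_zero(em[i]);
        uint8_t first = (uint8_t)(z & ~found);  /* 0xFF only at first zero */
        sep |= i & ((size_t)0 - (size_t)(first & 1u));
        found |= z;
    }
    bad |= (uint8_t)~found;             /* no 0x00 separator after pad */
    too_short = (sep - 10) >> (sizeof(size_t) * 8 - 1);  /* 1 if sep < 10 */
    bad |= (uint8_t)(0u - (unsigned)too_short);          /* pad < 8 bytes */
    return bad ? -1 : (long)(sep + 1);  /* single decision, made at the end */
}

/* Constructed sample blocks (not captured traffic). */
static const uint8_t OK_BLOCK[]  = {0,2, 1,2,3,4,5,6,7,8, 0, 0xAA,0x00,0xBB};
static const uint8_t SHORT_PAD[] = {0,2, 1,2,3,4,5,6,7, 0, 0xAA,0xBB,0xCC};
static const uint8_t BAD_TYPE[]  = {0,1, 1,2,3,4,5,6,7,8, 0, 0xAA,0xBB};
static const uint8_t NO_SEP[]    = {0,2, 1,2,3,4,5,6,7,8, 9, 0xAA,0xBB};

int main(void) {
    int ok = parse_block(OK_BLOCK, sizeof OK_BLOCK) == 11
          && parse_block(SHORT_PAD, sizeof SHORT_PAD) == -1
          && parse_block(BAD_TYPE, sizeof BAD_TYPE) == -1
          && parse_block(NO_SEP, sizeof NO_SEP) == -1;
    return ok ? 0 : 1;
}
```

A zero byte inside K (as in `OK_BLOCK`) does not move the boundary, because only the first 0x00 after the two header bytes is taken as the separator.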
After the key is established, the server and client adopt CBC-MAC to encrypt messages. The plaintext P is created by concatenating the message m, its Message Authentication Code (MAC), and a padding string chosen to make the byte length of P a multiple of the block size. Then P is divided into blocks of b bytes, each block encrypted with key K. The final message is the concatenation of a header and all encrypted blocks. The receiver decrypts the ciphertext in CBC mode and validates the padding format and the MAC. If both are correct, then she accepts the original intact message m.




