Yunhua Wen,Shengli Liu,Dawu Gu

DOI: https://doi.org/10.1007/978-3-030-17259-6_12

2019-01-01

Abstract:Robustly reusable Fuzzy Extractor (rrFE) considers reusability and robustness simultaneously. We present two approaches to the generic construction of rrFE. Both of approaches make use of a secure sketch and universal hash functions. The first approach also employs a special pseudo-random function (PRF), namely unique-input key-shift (ui-ks) secure PRF, and the second uses a key-shift secure auxiliary-input authenticated encryption (AIAE). The ui-ks security of PRF (resp. key-shift security of AIAE), together with the homomorphic properties of secure sketch and universal hash function, guarantees the reusability and robustness of rrFE. Meanwhile, we show two instantiations of the two approaches respectively. The first instantiation results in the first rrFE from the LWE assumption, while the second instantiation results in the first rrFE from the DDH assumption over non-pairing groups.

Yu Zhou,Shengli Liu,Shuai Han

DOI: https://doi.org/10.1016/j.tcs.2024.114677

IF: 1.002

2024-06-07

Theoretical Computer Science

Abstract:Robustly reusable Fuzzy Extractor (rrFE) allows multiple extractions from the same fuzzy source in a reproducible way. The reusability of rrFE asks the pseudo-randomness of the extracted keys, while robustness of rrFE makes sure that active attacks can be detected during the reproduction of the extracted key. With rrFE, we are able to produce cryptographic keys for our cryptosystems from fuzzy sources, like biometrics, physical unclonable functions, etc. There are rrFE schemes from the DDH, LWE and LPN assumptions. However there is no rrFE scheme from isogeny-based assumptions up to now. In this paper, we construct the first rrFE from isogeny. To obtain such an rrFE, we propose a new framework for constructing rrFE with a core technical tool, named Enhanced Effective Group Action (EEGA). EEGA is built upon the basic Effective Group Action (EGA), and is equipped with a sampling algorithm and a derivation algorithm. With such an EEGA, the same random input can be derived to produce different pseudo-random and unpredictable outputs. The EEGA, together with other routine building blocks like secure sketch and extractor, leverages an FE to achieve reusability and robustness. We construct EEGA based on CSI-FiSh, which admits the first rrFE scheme from isogeny. Besides, we also propose another two EEGA instantiations from the DDH assumption, and this provides another approach to DDH-based rrFE, which may be of independent interest.

computer science, theory & methods

Somnath Panja,Shaoquan Jiang,Reihaneh Safavi-Naini

2024-05-07

Abstract:Fuzzy extractors (FE) are cryptographic primitives that extract reliable cryptographic key from noisy real world random sources such as biometric sources. The FE generation algorithm takes a source sample, extracts a key and generates some helper data that will be used by the reproduction algorithm to recover the key. Reusability of FE guarantees that security holds when FE is used multiple times with the same source, and robustness of FE requires tampering with the helper data be detectable.

Cryptography and Security

Yiming Li,Shengli Liu,Dawu Gu,Kefei Chen

DOI: https://doi.org/10.1093/comjnl/bxaa010

2020-01-01

Abstract:A fuzzy extractor derives uniformly random strings from noisy sources that are neither reliably reproducible nor uniformly random. The basic definition of fuzzy extractor was first formally introduced by Dodis et al. and has achieved various applications in cryptographic systems. However, it has been proved that a fuzzy extractor could become totally insecure when the same noisy random source is extracted multiple times. To solve this problem, the reusable fuzzy extractor is proposed. In this paper, we propose the first reusable fuzzy extractor based on the LPN assumption, which is efficient and resilient to linear fraction of errors. Furthermore, our construction serves as an alternative post-quantum reusable fuzzy extractor.

Yunhua Wen,Shengli Liu

DOI: https://doi.org/10.1007/978-3-030-03332-3_17

2018-01-01

Abstract:A fuzzy extractor (FE) aims at deriving and reproducing (almost) uniform cryptographic keys from noisy non-uniform sources. To reproduce an identical key R from subsequent readings of a noisy source, it is necessary to eliminate the noises from those readings. To this end, a public helper string P, together with the key R, is produced from the first reading of the source during the initial enrollment phase.

Yunhua Wen,Shengli Liu

DOI: https://doi.org/10.1007/978-3-319-93638-3_2

2018-01-01

Abstract:Fuzzy extractor converts the reading of a noisy non-uniform source to a reproducible and almost uniform output R. The output R in turn is used in some cryptographic system as a secret key. To enable multiple extractions of keys R-1, R-2, ..., R-rho from the same noisy non-uniform source and applications of different R-i, the concept of reusable fuzzy extractor is proposed to guarantee the pseudorandomness of R-i even conditioned on other extracted keys R-j (from the same source).In this work, we construct a reusable fuzzy extractor from the Learning With Errors (LWE) assumption. Our reusable fuzzy extractor provides resilience to linear fraction of errors. Moreover, our construction is simple and efficient and imposes no special requirement on the statistical structure of the multiple readings of the source.

Yunhua Wen,Shengli Liu,Shuai Han

DOI: https://doi.org/10.1007/s10623-018-0459-4

IF: 1.4

2018-01-01

Designs Codes and Cryptography

Abstract:Fuzzy extractors convert noisy non-uniform readings of secret sources into reliably reproducible, uniformly random strings, which in turn are used in cryptographic applications. Reusable fuzzy extractor allows multiple uses of the same secret source. In this paper, we construct the first strongly reusable fuzzy extractor which tolerates linear fraction of errors, with security tightly reduced to the decisional Diffie–Hellman (DDH) assumption in the standard model. Our construction is simple and efficient. Only two group operations and an evaluation of a hash function are added compared with the traditional construction of non-reusable fuzzy extractors.

Yunhua Wen,Shengli Liu,Ziyuan Hu,Shuai Han

DOI: https://doi.org/10.1093/comjnl/bxy072

2018-01-01

Abstract:Robust fuzzy extractor is able to distill almost uniform strings from non-uniform noisy sources while robustness enables the extractor to detect adversaries' active attacks. Its security used to be defined information-theoretically. Information-theoretical security model is nice but too restricted and the extracted uniform string output by robust fuzzy extractors might be too short to be useful. This occurs even for the nearly optimal statistical robust fuzzy extractor constructed by Cramer et al. (Eurocrypt 2008). In this paper, we introduce the notion of computational robust fuzzy extractor by relaxing information-theoretical security to computational security and defining computational privacy and computational robustness for it. We give a simple construction of computational robust fuzzy extractor based on the hardness of Subgroup Membership Problem and Discrete Logarithm assumption. Thanks to computational security, our construction obtains much longer extracted uniform string than the nearly optimal (information-theoretically) robust fuzzy extractor proposed by Cramer et al.

Yu Zhou,Shengli Liu,Nan Cui

DOI: https://doi.org/10.1016/j.tcs.2022.12.031

IF: 1.002

2023-01-01

Theoretical Computer Science

Abstract:Fuzzy extractors are able to derive uniform and stable strings from noisy sources. Traditional fuzzy extractors are defined as information-theoretical primitive. Unfortunately, the components of information-theoretical fuzzy extractors consume the entropy of the sources, which results in extracted strings being too short to be applied in practice. Fuller et al. introduced the notion of Computational Fuzzy Extractor (CFE) and proposed a CFE scheme, which extracts nearly all entropy from the sources, based on the Learning with Errors (LWE) assumption. However, their construction applies to a limited type of sources and only supports sub-linear error correctness rate. In this paper, we propose a generic construction of CFE from Computationally Private Secure Sketch (CPSS) and Lossy Computational Extractor (LCExt). By instantiating CPSS and LCExt based on the LWE assumption, we obtain specific CFE schemes from LWE. Compared with the CFE scheme by Fuller et al., our CFE scheme not only extracts almost all entropy from the source, but also supports linear error correctness rate, as long as the source has enough entropy.

Guanlin Li,Guowen Xu,Shangwei Guo,Han Qiu,Jiwei Li,Tianwei Zhang

2023-01-01

Abstract:Model extraction attacks are proven to be a severe privacy threat to Machine Learning as a Service (MLaaS). A variety of techniques have been designed to steal a remote machine learning model with high accuracy and fidelity. However, how to extract a robust model with similar resilience against adversarial attacks is never investigated. This paper presents the first study toward this goal. We first analyze those existing extraction solutions either fail to maintain the model accuracy or model robustness or lead to the robust overfitting issue. Then we propose Boundary Entropy Searching Thief (BEST), a novel model extraction attack to achieve both accuracy and robustness extraction under restricted attack budgets. BEST generates a new kind of uncertain examples for querying and reconstructing the victim model. These samples have uniform confidence scores across different classes, which can perfectly balance the trade-off between model accuracy and robustness. Extensive experiments demonstrate that BEST outperforms existing attack methods over different datasets and model architectures under limited data. It can also effectively invalidate state-of-the-art extraction defenses.

Fu Li,David Zuckerman

DOI: https://doi.org/10.4230/lipics.approx-random.2019.72

2018-01-01

Abstract:We study the task of seedless randomness extraction from recognizable sources, which are uniform distributions over sets of the form { x : f ( x ) = 1 } for functions f in some specified class C . We give two simple methods for constructing seedless extractors for C -recognizable sources. Our first method shows that if C admits XOR amplification, then we can construct a seedless extractor for C -recognizable sources by using a mildly hard function for C as a black box. By exploiting this reduction, we give polynomial-time, seedless randomness extractors for three natural recognizable sources: (1) constant-degree algebraic sources over any prime field, where constant-degree algebraic sources are uniform distributions over the set of zeros of a system of constant degree polynomials; (2) sources recognizable by randomized multiparty communication protocols of cn bits, where c > 0 is a small enough constant; (3) halfspace sources, or sources recognizable by linear threshold functions. In particular, the new extractor for each of these three sources has linear output length and exponentially small error for min-entropy k ≥ (1 − α ) n , where α > 0 is a small enough constant. Our second method shows that a seed-extending pseudorandom generator with exponentially small error for C yields an extractor with exponentially small error for C -recognizable sources, improving a reduction by Kinne, Melkebeek, and Shaltiel [16]. Using the hardness of the parity function against AC 0 [13], we significantly improve Shaltiel’s extractor [25] for AC 0 -recognizable sources. Finally, assuming sufficiently strong one-way permutations, we construct seedless extractors for sources recognizable by BPP algorithms, and these extractors run in quasi-polynomial time.

Jeroen Delvaux,Dawu Gu,Ingrid Verbauwhede,Matthias Hiller,Meng-Day (Mandel) Yu

DOI: https://doi.org/10.1007/978-3-662-53140-2_20

2016-01-01

Abstract:The device-unique response of a physically unclonable function (PUF) can serve as the root of trust in an embedded cryptographic system. Fuzzy extractors transform this noisy non-uniformly distributed secret into a stable high-entropy key. The overall efficiency thereof, typically depending on error-correction with a binary [n, k, d] block code, is determined by the universal and well-known (n - k) bound on the min-entropy loss. We derive new considerably tighter bounds for PUF-induced distributions that suffer from, e.g., bias or spatial correlations. The bounds are easy-to-evaluate and apply to large non-trivial codes, e.g., BCH, Hamming and Reed-Muller codes. Apart from an inherent reduction in implementation footprint, the newly developed theory also facilitates the analysis of state-of-the-art error-correction methods for PUFs. As such, we debunk the reusability claim of the reverse fuzzy extractor. Moreover, we provide proper quantitative motivation for debiasing schemes, as this was missing in the original proposals.

Kairui Gong,Wenchuan Yang,Baojiang Cui,Chen Chen

DOI: https://doi.org/10.1109/EIECT58010.2022.00080

2022-01-01

Abstract:With the development of information technology, program vulnerabilities have become more complex and diversified, posing a great threat to the security of computer systems. Among many vulnerability detection methods, fuzzing is an popular method of automatic vulnerability mining which efficiency depends on the quality of generated samples. Some work has introduced reinforcement learning into fuzzing to provide an intelligent scheme for vulnerability mining, but there is still the problem of exploring invalid sample space. In order to solve this problem, this paper proposes a new fuzzer called DRLFCfuzzer, which is based on data boundary segmentation technology and guided by multi-dimensional deep reinforcement learning. We model the fuzzing process as a Markov decision process, add the segmentation of data boundaries and the selection of data blocks on the basis of multi-dimensional mutation, and improve the efficiency of the fuzzing by pruning unnecessary exploration of sample spaces. The experimental results show that DRLFCfuzzer achieves code coverage of 128% to 800% of AFL and 112% to 160% of general deep reinforcement learning fuzzer and more crashes in some programs of the Fuzzer-Test-Suite dataset and three real world programs.

Baokui Zhu,Xiaowen Jiang,Kai Huang,Miao Yu

DOI: https://doi.org/10.3390/s24010093

IF: 3.9

2024-01-01

Sensors

Abstract:Physical Unclonable Functions (PUFs) are significant in building lightweight Internet of Things (IoT) authentication protocols. However, PUFs are susceptible to attacks such as Machine-Learning(ML) modeling and statistical attacks. Researchers have conducted extensive research on the security of PUFs; however, existing PUFs do not always possess good statistical characteristics and few of them can achieve a balance between security and reliability. This article proposes a strong response-feedback PUF based on the Linear Feedback Shift Register (LFSR) and the Arbiter PUF (APUF). This structure not only resists existing ML modeling attacks but also exhibits good Strict Avalanche Criterion (SAC) and Generalized Strict Avalanche Criterion (GSAC). Additionally, we introduce a Two-Level Reliability Improvement (TLRI) method that achieves 95% reliability with less than 35% of the voting times and single-response generation cycles compared to the traditional pure majority voting method.

Benjamin Fuller,Fuller, Benjamin

DOI: https://doi.org/10.1007/s10623-024-01376-z

IF: 1.4

2024-03-15

Designs Codes and Cryptography

Abstract:Fuzzy extractors convert noisy signals from the physical world into reliable cryptographic keys. Fuzzy min-entropy measures the limit of the length of key that a fuzzy extractor can derive from a distribution (Fuller et al. in IEEE Trans Inf Theory 66(8):5282–5298, 2020). In general, fuzzy min-entropy that is superlogarithmic in the security parameter is required for a noisy distribution to be suitable for key derivation. There is a wide gap between what is possible with respect to computational and information-theoretic adversaries. Under the assumption of general-purpose obfuscation, keys can be securely derived from all distributions with superlogarithmic entropy. Against information-theoretic adversaries, however, it is impossible to build a single fuzzy extractor that works for all distributions (Fuller et al. 2020). A weaker information-theoretic goal is building a fuzzy extractor for each probability distribution. This is the approach taken by Woodage et al. (in: Advances in Cryptology—CRYPTO, Springer, pp 682–710, 2017). Prior approaches use the full description of the probability mass function and are inefficient. We show this is inherent: for a quarter of distributions with fuzzy min-entropy and points there is no secure fuzzy extractor that uses less bits of information about the distribution. We show an analogous result with stronger parameters for information-theoretic secure sketches. Secure sketches are frequently used to construct fuzzy extractors.

mathematics, applied,computer science, theory & methods

Jin Miao,Meng Li,Subhendu Roy,Bei Yu

DOI: https://doi.org/10.1145/2966986.2967051

2016-01-01

Abstract:Conventional silicon physical unclonable function (PUF) extracts fingerprints from transistor's analog attributes, which are vulnerable to environmental and operational variations. Recently, digitalized PUF prototypes have emerged to overcome the vulnerability issues, however, the existing prototypes are either hybrid of analog-digital PUFs which are still under the shadow of vulnerability, or impractical for real-world implementation. To address the above limitations, we propose a learning resilient and reliable digital PUF (LRR-DPUF). The fingerprints are extracted from VLSI interconnect geometrical randomness induced by lithography variations. Crucially, we use strongly skewed latches to ensure the immunity against environmental and operational variations. Further, a cross-coupled, highly non-linear logic network is proposed to effectively spread and augment even subtle interconnect randomness, as well as to achieve strong resilience to machine learning attacks. We demonstrate that a 64-bit LRR-DPUF exhibits close to ideal statistical performances, including 0 intra Hamming Distance. We also mathematically prove that each output of the LRR-DPUF follows uniform distribution. Various state-of-the-art machine learning models show almost no better than random prediction accuracies when applied to LRR-DPUF.

Jan Wassenberg,Robert Obryk,Jyrki Alakuijala,Emmanuel Mogenet

DOI: https://doi.org/10.48550/arXiv.1810.02227

2018-10-04

Abstract:Algorithms that rely on a pseudorandom number generator often lose their performance guarantees when adversaries can predict the behavior of the generator. To protect non-cryptographic applications against such attacks, we propose 'strong' pseudorandom generators characterized by two properties: computationally indistinguishable from random and backtracking-resistant. Some existing cryptographically secure generators also meet these criteria, but they are too slow to be accepted for general-purpose use. We introduce a new open-sourced generator called 'Randen' and show that it is 'strong' in addition to outperforming Mersenne Twister, PCG, ChaCha8, ISAAC and Philox in real-world benchmarks. This is made possible by hardware acceleration. Randen is an instantiation of Reverie, a recently published robust sponge-like random generator, with a new permutation built from an improved generalized Feistel structure with 16 branches. We provide new bounds on active s-boxes for up to 24 rounds of this construction, made possible by a memory-efficient search algorithm. Replacing existing generators with Randen can protect randomized algorithms such as reservoir sampling from attack. The permutation may also be useful for wide-block ciphers and hashing functions.

Cryptography and Security,Data Structures and Algorithms

Yudan Wang,Shaofeng Zou,Yue Wang

2024-06-25

Abstract:Distributionally Robust Reinforcement Learning (DR-RL) aims to derive a policy optimizing the worst-case performance within a predefined uncertainty set. Despite extensive research, previous DR-RL algorithms have predominantly favored model-based approaches, with limited availability of model-free methods offering convergence guarantees or sample complexities. This paper proposes a model-free DR-RL algorithm leveraging the Multi-level Monte Carlo (MLMC) technique to close such a gap. Our innovative approach integrates a threshold mechanism that ensures finite sample requirements for algorithmic implementation, a significant improvement than previous model-free algorithms. We develop algorithms for uncertainty sets defined by total variation, Chi-square divergence, and KL divergence, and provide finite sample analyses under all three cases. Remarkably, our algorithms represent the first model-free DR-RL approach featuring finite sample complexity for total variation and Chi-square divergence uncertainty sets, while also offering an improved sample complexity and broader applicability compared to existing model-free DR-RL algorithms for the KL divergence model. The complexities of our method establish the tightest results for all three uncertainty models in model-free DR-RL, underscoring the effectiveness and efficiency of our algorithm, and highlighting its potential for practical applications.

Machine Learning,Artificial Intelligence

Jinyang Shi,Kwok-yan Lam,Ming Gu,Husheng Li

DOI: https://doi.org/10.1109/glocom.2009.5425487

2009-01-01

Abstract:The emerging biometric cryptography has gained significant interests for key management and privacy protection, but the previously proposed schemes using set metrics for fingerprints may either be too weak to offer enough security or suffer from the performance limitations. In this paper, a new fuzzy cryptographic technique without use of chaff data, Randomized Dissolvent Template (RDT), is proposed for biometric set modalities. The proposed technique is designed to dissolve the enrolled biometric set into a random secret resource, so as to construct robust secured templates by exploiting at least two resources of randomness. In this way, when one fingerprint is used for multiple applications, each time the additional information leakage by secured templates will not exceed the new introduced random information, so RDT is reusable. We thus provide two novel RDT-based constructions in practice: Fuzzy Reconciler using set difference threshold and Fuzzy Dissolver using set intersection threshold. Security analysis proves the new constructions have enough computational complexity for the required security properties, and implementations on FVC2002DB fingerprint database show that the proposed schemes can bring about better accuracy performance over current Fuzzy Vault and Fuzzy Extractor, thus are more promising for biometric-based security applications.

Chenyang Guo,Yujie Zhou

DOI: https://doi.org/10.1142/s0218126618500950

2017-01-01

Journal of Circuits Systems and Computers

Abstract:In this paper, a new method is proposed for randomness enhancement. The approach is called the dynamic equilibrium algorithm (DEA). It is used to solve the problems existing in the true random number generator (TRNG). First, the advantages and defects of LFSR as a post-processing module are discussed. When sampling 1000 groups of data, only 517 groups can pass all 15 tests in SP800-22 with a pass rate of 0.981. DEA is actually a great solution to this problem. The essence of DEA is to guarantee the approximately uniform distribution of the overlapping template to improve the bit-entropy by the compression of the data. This method is easy to implement in both software and hardware. The pass rate increases more than 40% with a low compression rate.