Hans Heum

Hans Heum

Ph.D. started in: 2019
Expected year of graduation: 2021
COINS consortium member: University of Bergen
Supervised by: Martijn Stam
Research area: Cryptography
Project title: Side-channel attacks in a multi-user setting
Project description: With the explosive growth of the number of Internet enabled devices, so
grows the number of devices and connections that require securing.
Cryptography remains a core enabling technology to this end, allowing
to use both cryptographic reductions and cryptographic combinatorics to
make explicit statements regarding the security of a scheme or protocol.
Yet, traditionally one customarily only examines the underlying
cryptographic techniques in a simplified setting. For instance, secure
channels might be reduced to the basic scenario where Alice wants to
communicate with Bob with some adversary Eve trying to intercept or interfere.
Conceptually, this minimum working example is studied in isolation, as if
Alice, Bob, and Eve live on an otherwise deserted island. The rationale is that
by using so-called hybrid arguments one can `lift’ the deserted-island security
to the real world.

Unfortunately, this approach has a number of shortcomings. Firstly, the
concrete “guaranteed” security degrades linearly (or worse) in the number of
keys and amount of data used in the real world. There have been cases where
the loss in proven security is matched by attacks, but equally there are cases
where the loss in security seems purely theoretical and improvements might be
possible by analysing old or new schemes directly in a multi-user setting.
Secondly, not all security hazards manifest themselves in the minimum working
example: as a well-known example, corruptions model a situation where an
adversary manages to control a hitherto honest party, learning their secrets
in the process. Such corruptions are a major concern in the real world where
inevitably over time some private keys will become available to an adversary.
The security ramifications of such corruptions should be limited as much as
possible, yet in the minimum working example, once either Alice or Bob becomes
corrupted the traditional security notions simply `give up’ (and provide no
security guarantee whatsoever).

Recently, work on direct multi-user security has increased, but there are
many open questions, both to basic protocols such as secure channels and
secure messaging as well as to more complicated scenarios involving encrypted
databases. The goal of this PhD is to investigate what security one should aim
for in a multi-user, multi-instance setting, what techniques are suitable
to prove security in such a setting, and to determine the extent to which
hybrid-like security losses are inevitable, based on either proof techniques
or the scaling of attacks when the number of targets goes up. Of particular
interest in this context are also the role that side-channel attacks play,
as the scaling of these to a multi-target scenario is currently wide open.