Masked Memory Primitive for Key Insulated Schemes

In practical security systems, it is difficult to keep secret keys protected against adversarial attacks. Key insulated schemes (KIS) are used to improve security by generating session keys that expire after a finite period of time. However, during the refresh period, side channels of the base can b...

Full description

Saved in:
Bibliographic Details
Published in:2024 IEEE International Symposium on Hardware Oriented Security and Trust (HOST) pp. 293 - 303
Main Authors: DiMeglio, Zachary, Bustami, Jenna, Gurevin, Deniz, Jin, Chenglu, van Dijk, Marten, Khan, Omer
Format: Conference Proceeding
Language:English
Published: IEEE 06-05-2024
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In practical security systems, it is difficult to keep secret keys protected against adversarial attacks. Key insulated schemes (KIS) are used to improve security by generating session keys that expire after a finite period of time. However, during the refresh period, side channels of the base can be observed, leaking keys during transfer. To counter this, the proposed masked memory primitive prevents these attacks while maintaining low latency and computational requirements. Using PUFs and polar coding, keys are safely stored in memory, allowing users to extract keys as needed while preventing machine learning based attacks against the system. A (2048, 512) polar code construction is proposed for PUF and adversarial error rates of 0.1 and 0.25, respectively, allowing for accurate key reconstructions and sufficient security. Furthermore, a 3.54 - 5.49ms delay between key request and retrieval can be achieved, a ~4.81 × improvement over the state-of-the-art KIS implementation. It is shown that these keys can be reliably requested by a user with < 10- 6 failure probability, while an adversary is unable to obtain the key, even with state-of-the-art decoding techniques and PUF learning algorithms.
ISSN:2765-8406
DOI:10.1109/HOST55342.2024.10545375