On the design and quantification of privacy preserving data mining algorithms
PODS '01 Proceedings of the twentieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Towards Sound Approaches to Counteract Power-Analysis Attacks
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Energy-Time Trade-offs in VLSI Computation
Proceedings of the Ninth Conference on Foundations of Software Technology and Theoretical Computer Science
Securing the AES Finalists Against Power Analysis Attacks
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Measuring energy consumption in VLSI circuits: A foundation
STOC '82 Proceedings of the fourteenth annual ACM symposium on Theory of computing
STOC '79 Proceedings of the eleventh annual ACM symposium on Theory of computing
Some complexity questions related to distributive computing(Preliminary Report)
STOC '79 Proceedings of the eleventh annual ACM symposium on Theory of computing
Computational Aspects of VLSI
A Combinatorial Limit to the Computing Power of VLSI Circuits
IEEE Transactions on Computers
Provably secure masking of AES
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
VLSI circuits are open to side-channel attacks, which disclose information about their internal state to an adversary. Privacy is a design attribute that quantifies the circuit's resistance and resilience to side-channel attacks. There has been some recent work in cryptography to capture the notion of privacy in circuits. Several constructions to transform a circuit into a private circuit have also been proposed. In this paper, we quantify the energy cost of providing privacy. We use the classical area-time-energy VLSI complexity theory techniques to prove lower bounds on the energy of any VLSI computation for a given function $f$ parametrized by its privacy $P$ (privacy $P$, or a $P$-private circuit, implies that at least $P$ bits of the circuit need to be observed to derive a single bit of information about an internal node). The main result establishes a lower bound of $\Omega(t^2 n^2)$ on the $E$ or $ET$ or $AT^2$ product of any $t$-private computation of an $n$-bit multiplier or shifter. Incidentally, the privacy transformation proposed by Ishai et al. [6] will generate $n$-bit multipliers and shifters with matching energy, energy-time, and $AT^2$ characteristics, establishing that these lower bounds are tight. The privacy of the base design, without any privacy enhancement techniques, is $t = 1$. Hence this demonstrates that privacy comes at a quadratic multiplicative factor in energy cost, which can be significant for portable, energy-starved applications such as smart cards. We further introduce the notion of information-splitting, secret-sharing-based privacy enhancement techniques. The lower bound on the energy for this case improves to $\Omega(P n^2)$, a factor $P$ improvement.