Strong stationary times and its use in cryptography

TL;DR

This paper explores how Strong Stationary Times (SST) can be applied in cryptography to develop algorithms that are both secure against timing attacks and produce perfect uniform samples, offering new cryptographic constructions and analysis methods.

Contribution

It introduces SST-based cryptographic algorithms with provable properties and demonstrates their immunity to timing attacks, along with analyzing existing schemes using SST concepts.

Findings

SST-based algorithms produce perfect uniform samples.

SST techniques can prevent timing attacks in cryptographic implementations.

New analysis of existing schemes using SST properties.

Abstract

This paper presents applicability of Strong Stationary Times (SST) techniques in the area of cryptography. The applicability is in three areas: *) Propositions of a new class of cryptographic algorithms (pseudo-random permutation generators) which do not run for the predefined number of steps. Instead, these algorithms stop according to a stopping rule defined as SST, for which one can obtain provable properties: *** results are perfect samples from uniform distribution, *** immunity to timing attacks (no information about the resulting permutation leaks through the information about the number of steps SST algorithm *) We show how one can leverage properties of SST-based algorithms to construct an implementation (of a symmetric encryption scheme) which is immune to the timing-attack by reusing implementations which are not secure against timing-attacks. In symmetric key cryptography researchers mainly focus on constant time (re)implementations. Our approach goes in a different direction and explores ideas of input masking. *) Analysis of idealized (mathematical) models of existing cryptographic schemes -- i.e., we improve a result by Mironov ((Not So) Random Shuffles of RC4; Advances in Cryptology -- CRYPTO 2002)