Bandwidth-Hard Functions from Random Permutations
Rishiraj Bhattacharyya, Avradip Mandal
TL;DR
This paper explores how to instantiate bandwidth-hard functions using random permutations, aiming to enhance ASIC resistance by ensuring high energy costs when cache size is insufficient, with results applicable to various graph structures.
Contribution
It demonstrates a generic method to instantiate bandwidth-hard functions with random permutations, extending previous analyses from the random oracle model to more practical settings.
Findings
Valid for any hard-to-pebble graphs
Provides a generic instantiation method
Enhances ASIC resistance in cryptographic hash functions
Abstract
ASIC hash engines are specifically optimized for parallel computations of cryptographic hashes and thus a natural environment for mounting brute-force attacks on hash functions. Two fundamental advantages of ASICs over general purpose computers are the area advantage and the energy efficiency. The memory-hard functions approach the problem by reducing the area advantage of ASICs compared to general-purpose computers. Traditionally, memory-hard functions have been analyzed in the (parallel) random oracle model. However, as the memory-hard security game is multi-stage, indifferentiability does not apply and instantiating the random oracle becomes a non-trivial problem. Chen and Tessaro (CRYPTO 2019) considered this issue and showed how random oracles should be instantiated in the context of memory-hard functions. The Bandwidth-Hard functions, introduced by Ren and Devadas (TCC 2017), aim…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsCryptographic Implementations and Security · Advanced Malware Detection Techniques · Spam and Phishing Detection