One-Time Programs from Commodity Hardware

  • Conference paper
Theory of Cryptography (TCC 2022)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13749)

Abstract

One-time programs, originally formulated by Goldwasser et al. [26], are a powerful cryptographic primitive with compelling applications. Known solutions for one-time programs, however, require specialized secure hardware that is not widely available (or, alternatively, access to blockchains and very strong cryptographic tools).

In this work we investigate the possibility of realizing one-time programs from a recent and now more commonly available hardware functionality: the counter lockbox. A counter lockbox is a stateful functionality that protects an encryption key under a user-specified password, and enforces a limited number of incorrect guesses. Counter lockboxes have become widely available in consumer devices and cloud platforms.

We show that counter lockboxes can be used to realize one-time programs for general functionalities. We develop a number of techniques to reduce the number of counter lockboxes required for our constructions, which may be of independent interest.

Notes

  1. The term counter lockbox was previously introduced by Apple for its SEP [3]. We use it in this work to refer to a broad class of similar functionalities.

  2. We refer the reader to Sect. 2.5 for a more detailed comparison with their work.

  3. The reason why we need this deterministic procedure will be explained shortly.

  4. We emphasize that LOT is non-trivial even without privacy for receivers. While receiver privacy can be generically added [18], we do not require it for our transformation.

  5. In Sect. 2.4, we discuss generic techniques to convert a multiple-attempt (e.g. 10) lockbox into a single-attempt lockbox, including simply “burning” \(n-1\) attempts of each \(n\)-attempt lockbox before transmitting their locations to the receiver.
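
The counter lockbox described in the abstract and the burn-down conversion from note 5, modelled as an added Python sketch (not code from the paper). The class, its method names, the PBKDF2 password check and the counter that does not reset on success are assumptions made for illustration.

```python
import hashlib
import hmac
import os


class CounterLockbox:
    """Toy model (assumed API): a key sealed under a password,
    with a fixed budget of incorrect guesses."""

    def __init__(self, password: bytes, key: bytes, max_wrong: int):
        if max_wrong < 1:
            raise ValueError("max_wrong must be at least 1")
        self._salt = os.urandom(16)
        self._tag = self._derive(password)
        self._key = key
        self.remaining = max_wrong  # incorrect guesses still allowed

    def _derive(self, guess: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", guess, self._salt, 10_000)

    def open(self, guess: bytes):
        """Return the key on a correct guess, otherwise None."""
        if self._key is None:  # budget exhausted, key already erased
            return None
        if hmac.compare_digest(self._derive(guess), self._tag):
            return self._key
        self.remaining -= 1
        if self.remaining == 0:
            self._key = None  # erase the key once the budget is spent
        return None


def burn_to_single_attempt(box: CounterLockbox, password: bytes) -> CounterLockbox:
    """Sender side: spend n-1 incorrect guesses so one attempt is left."""
    wrong = password + b"\x00"  # always differs from the real password
    while box.remaining > 1:
        box.open(wrong)
    return box


def demo():
    key = os.urandom(32)  # constructed sample key
    honest = burn_to_single_attempt(CounterLockbox(b"pw-a", key, 10), b"pw-a")
    guesser = burn_to_single_attempt(CounterLockbox(b"pw-a", key, 10), b"pw-a")
    got = honest.open(b"pw-a")      # the single attempt, used correctly
    first = guesser.open(b"pw-b")   # the single attempt, wasted
    second = guesser.open(b"pw-a")  # too late: the key is gone
    return got == key, first, second, guesser.remaining
```
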

References

  1. Alamati, N., Branco, P., Döttling, N., Garg, S., Hajiabadi, M., Pu, S.: Laconic private set intersection and applications. Cryptology ePrint Archive, Report 2021/728 (2021). https://eprint.iacr.org/2021/728

  2. Almashaqbeh, G., et al.: Gage MPC: bypassing residual function leakage for non-interactive MPC. Proc. Priv. Enhanc. Technol. 2021(4), 528–548 (2021)

  3. Apple Inc., Secure Enclave. https://support.apple.com/guide/security/secure-enclave-sec59b0b31ff/web

  4. Apple Inc., Escrow security for iCloud Keychain (2021). https://support.apple.com/guide/security/escrow-security-for-icloud-keychain-sec3e341e75d/web

  5. Apple Inc., HomeKit communication security (2021). https://support.apple.com/guide/security/homekit-communication-security-sec3a881ccb1/web

  6. ARM Holdings. Trusted Base System Architecture Documents. https://www.arm.com/technologies/trustzone-for-cortex-a/tee-reference-documentation. Subject to Non-Disclosure Agreement

  7. Backes, M., Gerling, R.W., Gerling, S., Nürnberger, S., Schröder, D., Simkin, M.: WebTrust – a comprehensive authenticity and integrity framework for HTTP. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 401–418. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-07536-5_24

  8. Bellare, M., Hoang, V.T., Rogaway, P.: Adaptively secure garbling with applications to one-time programs and secure outsourcing. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 134–153. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34961-4_10

  9. Benhamouda, F., Krawczyk, H., Rabin, T.: Robust non-interactive multiparty computation against constant-size collusion. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part I. LNCS, vol. 10401, pp. 391–419. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_13

  10. Bhudia, A., O’Keeffe, D., Sgandurra, D., Hurley-Smith, D.: RansomClave: ransomware key management using SGX. In: The 16th International Conference on Availability, Reliability and Security (2021)

  11. Bitansky, N., et al.: The hunting of the SNARK. J. Cryptol. 30(4), 989–1066 (2017)

  12. Bose, R.C., Ray-Chaudhuri, D.K.: On a class of error correcting binary group codes. Inf. Control 3(1), 68–79 (1960)

  13. Broadbent, A., Gutoski, G., Stebila, D.: Quantum one-time programs. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 344–360. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_20

  14. Van Bulck, J., et al.: Breaking virtual memory protection and the SGX ecosystem with foreshadow. IEEE Micro 39(3), 66–74 (2019)

  15. Chatterjee, R., Athayle, A., Akhawe, D., Juels, A., Ristenpart, T.: Password typos and how to correct them securely. In: S&P 2016. IEEE (2016)

  16. Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 89–105. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-48071-4_7

  17. Chen, Z.: Java Card Technology for Smart Cards: Architecture and Programmer’s Guide. Addison-Wesley Longman Publishing Co., Inc (2000)

  18. Cho, C., Döttling, N., Garg, S., Gupta, D., Miao, P., Polychroniadou, A.: Laconic oblivious transfer and its applications. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part II. LNCS, vol. 10402, pp. 33–65. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63715-0_2

  19. Dall, F., et al.: CacheQuote: efficiently recovering long-term secrets of SGX EPID via cache attacks. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(2), 171–191 (2018)

  20. Delgado-Mohatar, O., Sierra-Cámara, J.M., Anguiano, E.: Blockchain-based semi-autonomous ransomware. Future Gener. Comput. Syst. 112, 589–603 (2020)

  21. Döttling, N., Garg, S., Goyal, V., Malavolta, G.: Laconic conditional disclosure of secrets and applications. In: Zuckerman, D., (eds.) 60th FOCS, pages 661–685. IEEE Computer Society Press, November 2019

  22. Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Theory of Cryptography Conference (2006)

  23. Garg, S., Srinivasan, A.: Adaptively secure garbling with near optimal online complexity. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part II. LNCS, vol. 10821, pp. 535–565. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_18

  24. Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious rams. J. ACM (JACM) 43(3), 431–473 (1996)

  25. Goldwasser, S., Kalai, Y.T., Rothblum, G.N.: Delegating computation: interactive proofs for muggles. In: Ladner, R.E., Dwork, C. (eds.) 40th ACM STOC, pp. 113–122. ACM Press, May 2008

  26. Goldwasser, S., Kalai, Y.T., Rothblum, G.N.: One-time programs. In: Annual International Cryptology Conference, pp. 39–56 (2008)

  27. Google. Google Tensor debuts on the new Pixel 6 this fall (2021). https://blog.google/products/pixel/google-tensor-debuts-new-pixel-6-fall/

  28. Goyal, R., Goyal, V.: Overcoming cryptographic impossibility results using blockchains. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017, Part I. LNCS, vol. 10677, pp. 529–561. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70500-2_18

  29. Goyal, R., Vusirikala, S., Waters, B.: New constructions of hinting PRGs, OWFs with encryption, and more. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part I. LNCS, vol. 12170, pp. 527–558. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56784-2_18

  30. Goyal, V., Ishai, Y., Sahai, A., Venkatesan, R., Wadia, A.: Founding cryptography on tamper-proof hardware tokens. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 308–326. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11799-2_19

  31. Harnik, D., Kilian, J., Naor, M., Reingold, O., Rosen, A.: On robust combiners for oblivious transfer and other primitives. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 96–113. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_6

  32. Hazay, C., Lindell, Y.: Constructions of truly practical secure protocols using standard smartcards. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM CCS 2008, pp. 491–500. ACM Press, October 2008

  33. Intel. Overview on signing and whitelisting for intel software guard extension (SGX) enclaves. https://www.intel.com/content/dam/develop/external/us/en/documents/overview-signing-whitelisting-intel-sgx-enclaves-737361.pdf

  34. Juels, A., Sudan, M.: A fuzzy vault scheme. Des. Codes Cryptogr. 38(2), 237–257 (2006)

  35. Justesen, J.: Class of constructive asymptotically good algebraic codes. IEEE Trans. Inf. Theory 18(5), 652–656 (1972)

  36. Kaptchuk, G., Green, M., Miers, I.: Giving state to the stateless: augmenting trustworthy computation with ledgers. In: NDSS 2019 (2019)

  37. Kensinger, T.: Google and Android have your back by protecting your backups, September 2018. https://security.googleblog.com/2018/10/google-and-android-have-your-back-by.html

  38. Krassovsky, S., Cadden, G., et al.: Security of End-To-End Encrypted Backups (2021). https://scontent.whatsapp.net/v/t39.8562-34/241394876_546674233234181_8907137889500301879_n.pdf/WhatsApp_Security_Encrypted_Backups_Whitepaper.pdf?ccb=1-5&_nc_sid=2fbf2a&_nc_ohc=4K040x7GheAAX_-4c-_&_nc_ht=scontent.whatsapp.net&oh=01_AVxDv1cRlVElvg0Fv89URSU_XOQUupw70bDPw6o2w0LEWg&oe=6211F5FC

  39. Krstić, I.: Behind the scenes with iOS security (2016). https://www.blackhat.com/docs/us-16/materials/us-16-Krstic.pdf

  40. Lund, J.: December 2019 https://signal.org/blog/secure-value-recovery/. Accessed 2 May 2022

  41. MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes. North-Holland Pub. Co. (1977)

  42. McKeen, F., et al.: Intel® software guard extensions (intel® sgx) support for dynamic memory management inside an enclave. In: HASP 2016. ACM (2016)

  43. Meier, R., Przydatek, B., Wullschleger, J.: Robuster combiners for oblivious transfer. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 404–418. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-70936-7_22

  44. Micali, S.: Computationally sound proofs. SIAM J. Comput. 30(4), 1253–1298 (2000)

  45. Murdock, K., Oswald, D.F., Garcia, F.D., Van Bulck, J., Gruss, D., Piessens, F.: Plundervolt: software-based fault injection attacks against intel SGX. In: S&P 2020. IEEE (2020)

  46. Pinto, S., Santos, N.: Demystifying arm trustzone: a comprehensive survey. ACM Comput. Surv. (CSUR) 51(6) (2019)

  47. Rosulek, M., Roy, L.: Three halves make a whole? Beating the half-gates lower bound for garbled circuits. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part I. LNCS, vol. 12825, pp. 94–124. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84242-0_5

  48. Savagaonkar, U., Porter, N., Taha, N., Serebrin, B., Mueller, N.: Titan in depth: Security in plaintext (2017). https://cloud.google.com/blog/products/identity-security/titan-in-depth-security-in-plaintext

  49. Twilio (2022). https://www.twilio.com/sms/pricing/us

  50. Xu, Q.: ARM-software/tf-issues (2017). https://github.com/ARM-software/tf-issues/issues/534

  51. Yao, A.C.-C.: How to generate and exchange secrets (extended abstract). In: 27th FOCS, pages 162–167. IEEE Computer Society Press, October 1986

  52. yubico. YubiHSM 2. https://www.yubico.com/product/yubihsm-2/

Acknowledgements

The first, second and fourth authors were supported in part by NSF CNS-1814919, NSF CAREER 1942789 and Johns Hopkins University Catalyst award. The fourth author was additionally supported in part by AFOSR Award FA9550-19-1-0200 and the Office of Naval Research Grant N00014-19-1-2294. The first, third and fifth authors were supported by the National Science Foundation under awards CNS-1653110 and CNS-1801479 and by DARPA under Agreements No. HR00112020021 and Agreements No. HR001120C0084. The fifth author was additionally supported by a Google Security & Privacy Award. This work was done in part while the second author was a student at Johns Hopkins University and while the second and fourth authors were visiting University of California, Berkeley. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Government or DARPA.

Author information

Corresponding author

Correspondence to Aarushi Goel.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Eldridge, H., Goel, A., Green, M., Jain, A., Zinkus, M. (2022). One-Time Programs from Commodity Hardware. In: Kiltz, E., Vaikuntanathan, V. (eds) Theory of Cryptography. TCC 2022. Lecture Notes in Computer Science, vol 13749. Springer, Cham. https://doi.org/10.1007/978-3-031-22368-6_5

  • DOI: https://doi.org/10.1007/978-3-031-22368-6_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-22367-9

  • Online ISBN: 978-3-031-22368-6

  • eBook Packages: Computer Science, Computer Science (R0)
