 So actually in this talk, I just want to consider the symmetric setting So we have two parties and they share some split key and they run some protocols and graphic protocol and Yeah, there are many settings where leakage is really an issue like where there's some side channels for example the smart card or a RFID setting So an adversary like even though this protocol might be secure There might be some side channels and the adversary learned some partition are like some partial information about the secret key So this is like really an issue of like the adversary can do that during many sessions So even if he just learns a small amount like in total he can learn like recover the secret key So there's an approach to provide security in such a setting and it's called like fresh reeking So the idea is basically that we just use the secret key to generate some session keys and then we use the session keys to perform the protocol and In such a setting that misery would like if we just target the protocol It would just learn some partial information about the secret keys and the session keys And this is not so harmful because when they're computationally independent Then an adversary cannot take advantage of before future sessions even the ad like learned of lots of information But of course this is not like sufficient for security because like a clever adversary would just simply target the reef are the re-keying scheme So we need like some kind of a leakage resilient re-keying scheme There have been some proposals, but unfortunately they were also like vulnerable to some attacks and So our contribution in our paper We basically just first give a formal security definition and we also give a formal security proof then a certain leakage model and The constructions are basically hired on based on LWE and LPN So we have two constructions one on LWE and one on LPN And it shows that the scheme is like really efficient So we have like a certain leakage model and this in this leakage model Like you usually share the secret key and it's like also correspond to a countermeasure, which is called masking And you can basically determine the hardness for an adversary to attack such a sheen by the amount of shares and our solution just grow like the complexity in our solution just grows linearly in the amount of shares while Like for for block ciphers for example this grows quadratically like when there's very like a Very an approach to cut to provide security that is also used in practice like it's like a really practical thing Therefore we have also provided a concrete implementation for the scheme and it shows that even for low orders or like for low amount of shares We match the efficiency of AS like of mass AS and since it's like asymptotically more efficient We of course like we have a better efficiency for higher orders So the nice thing is also that we have like security against so called clutches for free Which was not the case for the implementations that we for the AS implementations that we can just for the comparison But if you want to have some implementations for AS which are secure against clutches, then you have like a much more Like much higher computational overhead. So it's several much magnitudes less efficient in our solution Basically, we have two schemes. So the first one is called based on offset LWR. So it's like somewhat a new Assumption but actually behaves somewhat like LWR and we can show that it's basically at least as hard as LWE with uniform noise So also it uses like very simple as very simple rounding function and very efficient Operations and also simple operation. So it will be very it's very easy to implement. It's also very efficient So then we have a second scheme which is based on hardware noise So in this setting so we can only provide security if we assume that there is a certain hardware noise Usually if someone performs the side journal attacks attack Then the values that he learns is always perturbed by some noise and we exploit that in that approach So we also introduce a new learning problem, which is like quite specific to to the setting and we call it learning parity with leakage and We can show that this learning parity with leakage is more or less equivalent to LPN Or basically it's equivalent to a variant of LPN, but we can reduce LPN to this variant So and this also operates on set two and has also really simple Operations and it's also very simple to implement So now I want to define a rekeying scheme So it's actually quite simple. So first we what we need we have first a generator algorithm So this generator algorithm just generates a secret key and then we have some Generator algorithm for the session keys. So this generator algorithm Algorithm operates on some secret shares of the secret key Because and we in particular assume that only one party is subject to leakage like which is usually the case if we have like the smart card setting because the server won't be like Like a subject to leakage attacks or side channel attacks So and then we also need like a third algorithm Which we call core SK So there might be some so it will also create a session secret key, but for the other party So there might be some inconsistency. Therefore, we also need some correction information V And we also have some randomness are that the core SK needs as input And then basically for correctness we could require that both algorithms are put the same session key So for the security we consider Like the real world basically there's an adversary who has like some side channel arc receives some leakage From the party, but he also receives the randomness and the correction information, but also the session key and We say it's secure if the adversary cannot distinguish this real world setting from an ideal setting in the ideal setting the session key is uniformly random and The leakage comes just from some simulator and the simulator just uses as input the randomness to Uniformly random correction information and secret key. So if an adversary cannot distinguish these two settings Then he can also not profit from the leakage and he can also not distinguish to seek the session keys from uniformly random secret keys So this is sufficient for for the security. So now I want to speak about the leakage model So we assume a certain leakage model, which is called the T probing model And the idea is that an adversary can request like any T value like intermediate values and Learn them that basically like if when the blue party executes this gen SK algorithm and the adversary can request like any T values that occur during the computation So and of course he could like simply try to learn all the shares of them of the mask see are like of the secret And to prevent that that he learns them During step are like more than one session. We need some kind of a refreshing algorithm. So after each Session we simply need to refresh the shares And there are several proposals for such a refreshing algorithm and basically if we use these shares which has to be More than two times the amount of values that an adversary can retrieve Then we can provide or then we can get this secure refreshing So and yeah, basically we just need that this chen SK algorithm refresh With these shares like during each session So now I want to show you the schemes like first the one based on offset LWR So we use some to moduli like P and Q and then we also have like some really easy Rounding function which just drops the least significant bits and then the generator algorithm is really simple We just draw a secret key, which is in uniformly random and set air Q to the end We just use a very simple secret sharing scheme Then for the chen SK The idea is basically that we compute some shares of a session secret key SK SK AI Which is just our times Ki and then we just apply the rounding function And then to obtain the session secret the session secret key We just compute the sum over all the shares shares of the secret of the session key so then The second algorithm basically Computes something related or it doesn't operate on the shares, but directly on the on the secret key so it just computes our times the key and then rounds and Because the rounding function is almost linear Both operations are somewhat close and like we just need a very simple error correction Information to provide like it will balance so I won't show that here But it's quite simple, but for simplicity. I did not sketch it because it's a bit technical So for the security First I want to show you that offset LWR. It's quite similar to normal LWR So basically it's about distinguishing a uniformly random R matrix R and Basically the value B which is in a set P to the M Basically this value B is either uniformly random or it's just a rounded value or it just rounds the value R times K plus some offset O So So for LWE which simply don't have this offset O For LWR we don't have this offset O And for LWE is actually quite easy to show that offset LWE is the same as LWE, but for LWR We cannot do this because the rounding function is not linear but actually it we show also that many of the reductions that we use to Prove the hardness of LWR also work for this offset LWR So it's no problem. So we don't really decrease the security even though we cannot relate directly to LWR You have to use this additional assumption So yeah, and for suitable parameters. Yeah, it's at least as hard as LWE with uniform noise So for the proof sketch, it's actually quite easy. So we have some adversary you can learn like t-values and The reduction will have access to some offset LWR oracle You can request some offset and then receive some Some sample R and B which is either uniform or this R times K plus O rounded And now this reduction simply has to somehow simulate this chen SK algorithm So since the adversary can only learn t-values and there will be much more shares There's at least one share that the adversary cannot learn. So we call this share the KJ So now the Reduction can basically simply sample all the shares But the only the KJ share it won't are like the reduction won't know the KJ share Hmm, but it will be quite easy to generate generate the corresponding Session secret share Because we can simply simply sum over all the Ki. So we compute this value K prime So in this value K prime will simply corresponds to minus K plus KJ So we can simply request this value K prime to the offset LWR oracle So and what we will receive is either a truly uniform be or we will receive the corresponding thing session secret share So we can use this bit B now in the simulation of the algorithm chen SK And we can simply sum over all these session secret shares And also we can simply output this session key and Now in the case when B is uniform the session key will be uniform in the other case when it's like Offset LWR distributed and it will be exactly as in the scheme exactly as in the real world And so that's the reason why it's secure So for the the other scheme We basically use hardware noise So usually is these side channel attacks are affected by hardware noise in our model like in this probing model We assume that you cannot let that adversary read doesn't learn a in the clear But usually there are some large caution noise Which is like so the adversary will learn something like the value plus e which is like a real value So it actually depends on the measure part of the adversary measures this real value what he will learn but we model it in this way and And if we assume that this This probe is just for example, and in our product of some public value are and some key Okay, then we can show that this is actually Equivalent this problem of learning or recovering the secret key It's equivalent to learning parity with noise And we really exploit that to Construct a re keying scheme So basically the re keying scheme will be as hard as LPN based on this Learned learning parity with leakage was which is equivalent to learning parity with noise The nice thing about it is that we don't need to generate the noise on the chip because usually like there were some proposals Which wanted to provide some side channel Or like leakage resilience schemes based on LPN But there was always the issue if you generated the noise on your chip Then the adversary might learn this noise But in our scheme, there's no noise generated on the chip itself We just need that the side channels are affected by some noise to during the side channel measurements Yeah, so but for the security there is like a drawback because it seems that we need the ideal Cypher model Or at least or like a random oracle model because on the chip itself. We don't have this noise so the Session keys won't be uniform or won't be Indistinguishable from uniform itself only if that was really takes the side channel So so like as an input for the protocol we first need to hash it for example with a random oracle So yeah, that was also my last slide so Basically We have now like a formal security definition for these re keying schemes We also have like a formal proof of these schemes so they give like an and I Yeah, so we can quite sure that there is not like a trivial attack compared to or like some attacks compared to the previous schemes As well we have like we base it on well-established assumptions for example an lpn or lwe And it's also very efficient to implement and and very simple so Like if you have like some programmers who do not have like any knowledge and cryptography it will be still very simple for him to implement that while Like similar like comparable proc cypher based solutions will be quite hard to implement because This this masking is highly non-trivial because there you have like non linear operations While in our case we use like Lwr and lpn which are like really like almost linear Which makes the whole implementation really efficient and very simple So yeah, thanks for your attention and also have the reference for a print and I'm happy to discuss