libharpia: a New Cryptographic Library for Brazilian Elections
Abstract
The Research and Development Center for Communication Security (CEPESC) has a long history of partnership with the Brazilian Superior Electoral Court to improve the security of the Brazilian election system. Among all of CEPESC's contributions, probably the most important is a cryptographic library used at some critical moments during the election. In an effort to improve the transparency and auditability of the solution, we present the new cryptographic library developed at CEPESC, named libharpia. Its main design goal is to allow transparency and readability while substantially increasing security. One of the main advances is the use of post-quantum cryptography, implemented through secure hybrid protocols that combine current cryptographic standards (specifically elliptic curves) with new cryptographic primitives based on lattices, which are believed to be secure against quantum computers.