Cryptographic key reliable lifetimes: Bounding the risk of key exposure in the presence of faults

Abstract

With physical attacks threatening the security of current cryptographic schemes, no security policy can be developed without taking into account the physical nature of computation. In this paper we adapt classical reliability modeling techniques to cryptographic systems. We do so by first introducing the notions of Cryptographic Key Failure Tolerance and Cryptographic Key Reliable Lifetimes. Then we offer a framework for the determination of reliable lifetimes of keys for any cryptographic scheme used in the presence of faults, given an accepted (negligible) error-bound to the risk of key exposure. Finally we emphasize the importance of selecting keys and designing schemes with good values of failure tolerance, and recommend minimal values for this metric. In fact, in standard environmental conditions, cryptographic keys that are especially susceptible to erroneous computations (e.g., RSA keys used with CRT-based implementations) are exposed with a probability greater than a standard error-bound (e.g., 2-40) after operational times shorter than one year, if the failure-rate of the cryptographic infrastructure is greater than 1.04 × 1016 failures/hours. © Springer-Verlag Berlin Heidelberg 2006.