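It is sometimes also called the Li-Micciancio attack, after its authors, Baiyu Li and Daniele Micciancio (I wonder whether Westerners see this kind of naming the way we see "Zhang Liang Malatang", a restaurant chain named after its founder).
I have put the related papers in my uploaded resources; you can also find them by searching for the authors' names on the international web.
The code is open source: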
https://github.com/Pro7ech/CKKSKeyRecovery
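The one code base contains attacks on HEAAN, PALISADE, SEAL, HElib, and RNS-HEAAN, but I have only tried the SEAL one.
First install the SEAL library. Although SEAL is now at 3.7.1, the attack code still targets version 3.5. Do not try to use it against 3.6 or later: many functions are written differently there and you will get errors when you run it. The attack code depends on the NTL library, and every NTL installation tutorial I found online was for Ubuntu, so the environment in this tutorial is Ubuntu as well (which meant repeating on Ubuntu the struggle I originally went through installing SEAL on CentOS).
Installing the SEAL library
Install git first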
sudo apt-get install git
Installing gcc and g++: https://blog.csdn.net/dream_for_/article/details/117201988
If a command gets stuck, prefix it with sudo
apt-get install python-software-properties
apt-get install software-properties-common
add-apt-repository ppa:ubuntu-toolchain-r/test
apt-get update
apt-get install gcc-8
apt-get install g++-8
# check that the installation succeeded
updatedb && ldconfig
locate gcc | grep -E "/usr/bin/gcc-[0-9]"
locate g++ | grep -E "/usr/bin/g\+\+-[0-9]"
# make gcc-8 and g++-8 the default
sudo update-alternatives --install /usr/bin/gcc gcc /usr/bin/gcc-8 100
sudo update-alternatives --config gcc
sudo update-alternatives --install /usr/bin/g++ g++ /usr/bin/g++-8 100
sudo update-alternatives --config g++
# confirm that it worked
gcc --version
g++ --version
Installing cmake
# first install the OpenSSL build dependency
apt-get install libssl-dev
sudo apt-get install build-essential
mkdir /opt/cmake
cd /opt/cmake
wget https://cmake.org/files/v3.20/cmake-3.20.4.tar.gz
tar zxvf cmake-3.20.4.tar.gz
mkdir /usr/local/cmake
cd /opt/cmake/cmake-3.20.4
./configure --prefix=/usr/local/cmake
make
sudo apt-get install checkinstall
sudo checkinstall
make install
ln -s /usr/local/cmake/bin/cmake /usr/bin/cmake
Installing SEAL
# download the release tarball from:
https://github.com/microsoft/SEAL/archive/refs/tags/v3.5.9.tar.gz
tar -zxvf SEAL-3.5.9.tar.gz
cd SEAL-3.5.9
cmake -S . -B build -DBUILD_SHARED_LIBS=ON
cmake --build build
sudo cmake --install build
Building the examples that ship with SEAL
cd native/examples
cmake -S . -B build
cmake --build build
./build/bin/sealexamples
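At this point SEAL is ready to use.
Installing the dependencies of the CKKS attack: https://blog.csdn.net/qq_46314975/article/details/108960027
Go to the official site and pick a Unix version to download: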
https://libntl.org/download.html
sudo mv ntl-11.5.1.tar.gz /usr/local/
sudo tar -zxvf ntl-11.5.1.tar.gz
NTL depends on m4 and gmp
Installing m4
sudo apt-get install m4
Installing gmp
Download gmp from the official site:
https://gmplib.org/
Move it somewhere else first; do not install it straight from the Downloads folder
sudo apt-get install lzip
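lzip -d gmp-6.2.1.tar.lz
# lzip -d leaves gmp-6.2.1.tar; unpack it so that the gmp-6.2.1 directory exists
tar -xvf gmp-6.2.1.tar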
sudo gedit /etc/apt/sources.list
Add the following lines to the file, then save and exit:
deb http://mirrors.aliyun.com/ubuntu/ eoan main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ eoan-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ eoan-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ eoan-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan-backports main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ eoan-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ eoan-proposed main restricted universe multiverse
sudo apt-get update
sudo apt-get upgrade
cd gmp-6.2.1
sudo ./configure
sudo make
sudo make check
sudo make install
Installing NTL
cd ntl-11.5.1/src
sudo ./configure
sudo make
sudo make check
sudo make install
Installing the CKKS attack code
git clone https://github.com/ucsd-crypto/CKKSKeyRecovery
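Go into CKKSKeyRecovery/src; there is a Makefile in it.
These are the SEAL-related paths; if you followed the steps above, they should not need changing.
However, the build will fail with an error similar to this.
I kept thinking I had made a mistake somewhere and nearly went crazy looking for it. From the messages you can vaguely guess that the problem comes from gmp. I then searched for many examples of compiling C++ code that uses NTL and found that they all seem to pass -lntl -lgmp when compiling, whereas this Makefile only has -lntl. Changing it to the following fixes the build.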
SEAL_INCLUDE=-I/usr/local/include/SEAL-3.5
SEAL_LIBS=-L/usr/local/lib -lseal-3.5 -lz -Wl,-rpath=/usr/local/lib -lntl -lgmp
make seal_attack
./seal_attack
SEAL's official security document (SECURITY.md)
https://github.com/microsoft/SEAL/blob/main/SECURITY.md
Correct Use of Microsoft SEAL
Homomorphic encryption schemes have various and often unexpected security models that may be surprising even to cryptography experts. In particular, decryptions of Microsoft SEAL ciphertexts should be treated as private information only available to the secret key owner, as sharing decryptions of ciphertexts may in some cases lead to leaking the secret key. If it is absolutely necessary to share information about the decryption of a ciphertext, for example when building a protocol of some kind, the number of bits shared should be kept to a minimum, and secret keys should be rotated regularly. Commercial applications of Microsoft SEAL should be carefully reviewed by cryptography experts who are familiar with homomorphic encryption security models.
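The gist: nobody other than the secret key holder should be given decryption results casually, and if they really must be shared, share as little as possible. (In short, the SEAL library does not itself close the weakness that the Li-Micciancio attack targets.)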
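Why a shared decryption has to be treated as key material, as an added example that is not from the original post or from the CKKSKeyRecovery or SEAL projects: in this constructed toy LWE-style scheme (Q, N, DROP and all function names are assumptions of the sketch) every exactly released approximate decryption gives one linear equation in the secret key, and withholding the low bits, as SECURITY.md advises, makes that exact solve fail.

```python
import random

Q = 2**31 - 1   # toy prime modulus (constructed; real CKKS moduli are far larger)
N = 8           # toy secret dimension
DROP = 10       # low bits withheld under the "share as few bits as possible" policy

def keygen(rng):
    return [rng.choice((-1, 0, 1)) for _ in range(N)]

def encrypt(s, m, rng):
    a = [rng.randrange(Q) for _ in range(N)]
    e = rng.randint(-4, 4)                                 # small encryption noise
    c0 = (m + e - sum(x * y for x, y in zip(a, s))) % Q
    return c0, a

def decrypt(s, ct):
    c0, a = ct
    return (c0 + sum(x * y for x, y in zip(a, s))) % Q     # equals m + e, not m

def solve_mod_q(rows, rhs):
    """Gauss-Jordan elimination over Z_Q; returns None if the system is singular."""
    m = [r[:] + [b] for r, b in zip(rows, rhs)]
    for col in range(N):
        piv = next((r for r in range(col, N) if m[r][col] % Q), None)
        if piv is None:
            return None
        m[col], m[piv] = m[piv], m[col]
        inv = pow(m[col][col], -1, Q)
        m[col] = [v * inv % Q for v in m[col]]
        for r in range(N):
            if r != col and m[r][col]:
                f = m[r][col]
                m[r] = [(x - f * y) % Q for x, y in zip(m[r], m[col])]
    return [v[N] if v[N] <= Q // 2 else v[N] - Q for v in m]   # centre around 0

def key_from_released(cts, released):
    # A released value v satisfies <a, s> = v - c0 (mod Q): one linear equation in s.
    rhs = [(v - c0) % Q for (c0, _), v in zip(cts, released)]
    return solve_mod_q([a for _, a in cts], rhs)

def demo(seed=1):
    rng = random.Random(seed)
    s = keygen(rng)
    cts = [encrypt(s, rng.randrange(1 << 10, 1 << 20), rng) for _ in range(N)]
    exact = [decrypt(s, ct) for ct in cts]           # decryptions shared as-is
    coarse = [(v >> DROP) << DROP for v in exact]    # low DROP bits withheld
    return s, key_from_released(cts, exact), key_from_released(cts, coarse)
```

The coarse case only shows that the exact linear solve stops working; how many bits to withhold in a real deployment needs the analysis in the library security documents listed below.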
Some reference documents
https://gitlab.com/palisade/palisade-release/-/blob/master/Security.md
https://codechina.csdn.net/mirrors/homenc/HElib/-/blob/master/CKKS-security.md
https://github.com/ldsec/lattigo/blob/master/SECURITY.md