Definition of Leakage-resilient Cca Encryption
نویسنده
چکیده
Key Generation The challenger computes (pk, sk) ← Gen(1λ) and give pk to A. Test 1: The adversaryA (adaptively) submits decryption queries Ci and getsmi = Dsk(Ci). The adversary also (adaptviely) submits leakage queries fj : {0, 1} ∗ → {0, 1}lj and gets fj(sk). Challenge: The adversary A comes up with two message m0, m1. The challenger chooses a random bit b ← {0, 1} and gives A the value C∗ = Epk(mb). Test 2: The adversary A (adaptively) submits decryption queries Ci 6= C ∗ and gets mi = Dsk(Ci). There is no leakage in this stage.
منابع مشابه
Efficient Compilers for After-the-Fact Leakage: From CPA to CCA-2 Secure PKE to AKE
The goal of leakage-resilient cryptography is to construct cryptographic algorithms that are secure even if the adversary obtains side-channel information from the real world implementation of these algorithms. Most of the prior works on leakage-resilient cryptography consider leakage models where the adversary has access to the leakage oracle before the challenge-ciphertext is generated (befor...
متن کاملLeakage-Resilient Chosen-Ciphertext Secure Public-Key Encryption from Hash Proof System and One-Time Lossy Filter
We present a new generic construction of a public-key encryption (PKE) scheme secure against leakage-resilient chosen-ciphertext attacks (LR-CCA), from any Hash Proof System (HPS) and any one-time lossy filter (OT-LF). Efficient constructions of HPSs and OT-LFs from the DDH and DCR assumptions suggest that our construction is a practical approach to LR-CCA security. Most of practical PKEs with ...
متن کاملNew Approach to Practical Leakage-Resilient Public-Key Cryptography
We present a new approach to construct several leakage-resilient cryptographic primitives, including leakage-resilient public-key encryption (PKE) schemes, authenticated key exchange (AKE) protocols and low-latency key exchange (LLKE) protocols. To this end, we introduce a new primitive called leakage-resilient non-interactive key exchange (LR-NIKE) protocol. We introduce a generic security mod...
متن کاملNew leakage-resilient CCA-secure public key encryption
This paper shows a generic method of constructing CCAsecure public key encryption schemes with leakage resilience on the secret key. It is based on a new kind of universal2 hash proof system which accepts an auxiliary parameter. Specifically, two schemes are presented, basing on the DCR assumption and DLIN assumption respectively.
متن کاملEncryption Schemes with Post-Challenge Auxiliary Inputs
In this paper, we tackle the open problem of proposing a leakage-resilience encryption model that can capture leakage from both the secret key owner and the encryptor, in the auxiliary input model. Existing models usually do not allow adversaries to query more leakage information after seeing the challenge ciphertext of the security games. On one hand, side-channel attacks on the random factor ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009