A Computational Indistinguishability Logic for the Bounded Storage Model

Side-channel attacks are a major threat for cryptographic mechanisms; yet, they are not considered in the computational model that is used by cryptographers for proving the security of their schemes. As a result, there are several efficient attacks against standardized implementations of provably secure schemes. Leakage resilient cryptography aims to extend provable security so that it can account for side-channels. There are several models of leakage resilient cryptography, from very general models such as physically observable cryptography, to more specialized models that aim to account for a specific form of covert channel. The Bounded Storage model (BSM) is a such a specialized model, which focuses on situations where a virus or a malware program forwards to the attacker some information stolen from the infected computer’s memory, for instance some share of a long-term key. We adapt the Computational Indistinguishability Logic to account the BSM, and show how the resulting formalism can be used to verify an existing key exchange protocol in the BSM. Our work provides the first formalism to reason about leakage resilient cryptography.