Results 1 - 10 of 70,341
Fully Leakage-Resilient Signatures, 2010
"... A signature scheme is fully leakage resilient (Katz and Vaikuntanathan, ASIACRYPT ’09) if it is existentially unforgeable under an adaptive chosen-message attack even in a setting where an adversary may obtain bounded (yet arbitrary) leakage information on all intermediate values that are used throu ..."
Cited by 23 (3 self)
throughout the lifetime of the system. This is a strong and meaningful notion of security that captures a wide range of side-channel attacks. One of the main challenges in constructing fully leakage-resilient signature schemes is dealing with leakage that may depend on the random bits used by the signing
Leakage-Resilient Digital Signatures, 2011
"... In this class we gave a definition of leakage-resilient signatures in the bounded memory leakage model and then gave a construction due to Katz and Vaikuntanathan [KV09]. 1 Review of Leakage Models Before constructing leakage-resilient signatures we will review and clarify the different leakage mode ..."
a leakage-resilient signature scheme in the bounded leakage model. A digital signature scheme is a triple of PPT algorithms S = (Gen, Sign, Ver). Syntactically: • Gen(1^k) = (sk, vk) where k is a security parameter and (sk, vk) is a keypair consisting of a private signature key and a public
Leakage-Resilient ElGamal, 2010
"... Blinding is a popular and well-known countermeasure to protect public-key cryptosystems against side-channel attacks. The high level idea is to randomize an exponentiation in order to prevent multiple measurements of the same operation on different data, as such measurements might allow the adversar ..."
. In particular, we propose a multiplicatively blinded version of ElGamal public-key encryption where • we prove that the scheme, instantiated over bilinear groups of prime order p (where p−1 is not smooth) is leakage-resilient in the generic-group model. Here we consider the model of chosen-ciphertext security
Fully Leakage-Resilient Codes
"... Abstract. Leakage resilient codes (LRCs) are probabilistic encoding schemes that guarantee message hiding even under some bounded leakage on the codeword. We introduce the notion of fully leakage resilient codes (FLRCs), where the adversary can leak some λ0 bits from the encoding process, i.e., the ..."
the message. For λ0 = 0 our new simulation-based notion is equivalent to the usual game-based definition. A FLRC would be interesting in its own right and would be useful in building other leakage-resilient primitives in a composable manner. We give a fairly general impossibility result for FLRCs
Leakage-Resilient Zero Knowledge
"... In this paper, we initiate a study of zero knowledge proof systems in the presence of side-channel attacks. Specifically, we consider a setting where a cheating verifier is allowed to obtain arbitrary bounded leakage on the entire state (including the witness and the random coins) of the prover during ..."
Cited by 3 (1 self)
) of the prover during the entire protocol execution. We formalize a meaningful definition of leakage-resilient zero knowledge (LRZK) proof system, that intuitively guarantees that the protocol does not yield anything beyond the validity of the statement and the leakage obtained by the verifier. We give a construction
Leakage-Resilient Coin Tossing, 2011
"... The ability to collectively toss a common coin among n parties in the presence of faults is an important primitive in the arsenal of randomized distributed protocols. In the case of dishonest majority, it was shown to be impossible to achieve less than 1/r bias in O(r) rounds (Cleve STOC ’86). In th ..."
Cited by 2 (2 self)
3 − ɛ)n computationally-unbounded Byzantine faults and in addition a Ω(1)-fraction leakage on each (honest) party’s secret state. Our results hold in the memory leakage model (of Akavia, Goldwasser, Vaikuntanathan ’08) adapted to the distributed setting. Another contribution of our work is a tool we
A leakage-resilient mode of operation
In EUROCRYPT, 2009
"... Abstract. A weak pseudorandom function (wPRF) is a pseudorandom function with a relaxed security requirement, where one only requires the output to be pseudorandom when queried on random (and not adversarially chosen) inputs. We show that unlike standard PRFs, wPRFs are secure against memory attack ..."
Cited by 77 (5 self)
attacks, that is they remain secure even if a bounded amount of information about the secret key is leaked to the adversary. As an application of this result we propose a simple mode of operation which – when instantiated with any wPRF – gives a leakage-resilient stream-cipher. Such a cipher is secure
Leakage-Resilient Cryptography from Minimal Assumptions, 2012
"... We present new constructions of leakage-resilient cryptosystems, which remain provably secure even if the attacker learns some arbitrary partial information about their internal secret key. For any polynomial ℓ, we can instantiate these schemes so as to tolerate up to ℓ bits of leakage. While there ..."
Cited by 8 (1 self)
We present new constructions of leakage-resilient cryptosystems, which remain provably secure even if the attacker learns some arbitrary partial information about their internal secret key. For any polynomial ℓ, we can instantiate these schemes so as to tolerate up to ℓ bits of leakage. While
Leakage-Resilient Storage
"... Abstract. We study a problem of secure data storage on hardware that may leak information. We introduce a new primitive, that we call leakage-resilient storage (LRS), which is an (unkeyed) scheme for encoding messages. The security of LRS is defined with respect to a class Γ of leakage functions. We ..."
Cited by 15 (8 self)
Abstract. We study a problem of secure data storage on hardware that may leak information. We introduce a new primitive, that we call leakage-resilient storage (LRS), which is an (unkeyed) scheme for encoding messages. The security of LRS is defined with respect to a class Γ of leakage functions
Leakage-resilient non-malleable codes, 2014
"... A recent trend in cryptography is to construct cryptosystems that are secure against physical attacks. Such attacks are usually divided into two classes: the leakage attacks in which the adversary obtains some information about the internal state of the machine, and the tampering attacks where the a ..."
Cited by 3 (1 self)
codes in the k-split-state model (the most desired case being k = 2). Such codes were constructed recently by Aggarwal et al. (STOC 2014). Unfortunately, unlike the earlier, computationally-secure constructions (Liu and Lysyanskaya, CRYPTO 2012) these codes are not known to be resilient to leakage