Faust.: Leakage-Resilient Cryptography from the Inner-Product Extractor
ASIACRYPT 2011, LNCS 7073, 2011
"... Abstract. We present a generic method to secure various widely-used cryptosystems against arbitrary side-channel leakage, as long as the leakage adheres to three restrictions: first, it is bounded per observation but in total can be arbitrarily large. Second, memory parts leak independently, and, third, ..."
, the randomness that is used for certain operations comes from a simple (non-uniform) distribution. As a fundamental building block, we construct a scheme to store a cryptographic secret such that it remains information-theoretically hidden, even given arbitrary continuous leakage from the storage. To this end
Leakage-resilient cryptography
In Proceedings of the 49th IEEE Symposium on Foundations of Computer Science, 2008
"... We construct a stream-cipher S whose implementation is secure even if a bounded amount of arbitrary (adversarially chosen) information on the internal state of S is leaked during computation. This captures all possible side-channel attacks on S where the amount of information leaked in a given peri ..."
given K_1, ..., K_{ℓ−1}, f_1(τ_1), ..., f_{ℓ−1}(τ_{ℓ−1}) and also the complete internal state of S after K_ℓ has been computed (i.e. S is forward-secure). The construction is based on alternating extraction (used in the intrusion-resilient secret-sharing scheme from FOCS'07). We move this concept to the computational
Leakage-resilient non-malleable codes
2014
"... A recent trend in cryptography is to construct cryptosystems that are secure against physical attacks. Such attacks are usually divided into two classes: the leakage attacks in which the adversary obtains some information about the internal state of the machine, and the tampering attacks where the a ..."
Leakage-resilient cryptography over large finite fields: Theory and practice
In ACNS, 2015
"... Information leakage is a major concern in modern-day IT security. In fact, a malicious user is often able to extract information about private values from the computation performed on the devices. In specific settings, such as RFID, where a low computational complexity is required, it is hard to ap ..."
to apply standard techniques to achieve resilience against this kind of attack. In this paper, we present a framework to make cryptographic primitives based on large finite fields robust against information leakage with a bounded computational cost. The approach makes use of the inner product extractor
Leakage-Resilient Storage
"... Abstract. We study a problem of secure data storage on hardware that may leak information. We introduce a new primitive, that we call leakage-resilient storage (LRS), which is an (unkeyed) scheme for encoding messages. The security of LRS is defined with respect to a class Γ of leakage functions. We ..."
Non-Malleable Cryptography
SIAM Journal on Computing, 2000
"... The notion of non-malleable cryptography, an extension of semantically secure cryptography, is defined. Informally, in the context of encryption the additional requirement is that given the ciphertext it is impossible to generate a different ciphertext so that the respective plaintexts are related. ..."
Leakage-Resilient Zero Knowledge
"... In this paper, we initiate a study of zero knowledge proof systems in the presence of side-channel attacks. Specifically, we consider a setting where a cheating verifier is allowed to obtain arbitrary bounded leakage on the entire state (including the witness and the random coins) of the prover during ..."
) of the prover during the entire protocol execution. We formalize a meaningful definition of leakage-resilient zero knowledge (LRZK) proof system, that intuitively guarantees that the protocol does not yield anything beyond the validity of the statement and the leakage obtained by the verifier. We give a construction
A leakage-resilient mode of operation
In EUROCRYPT, 2009
"... Abstract. A weak pseudorandom function (wPRF) is a pseudorandom function with a relaxed security requirement, where one only requires the output to be pseudorandom when queried on random (and not adversarially chosen) inputs. We show that unlike standard PRFs, wPRFs are secure against memory attack ..."
attacks, that is, they remain secure even if a bounded amount of information about the secret key is leaked to the adversary. As an application of this result we propose a simple mode of operation which – when instantiated with any wPRF – gives a leakage-resilient stream-cipher. Such a cipher is secure
Leakage-Resilient ElGamal
2010
"... Blinding is a popular and well-known countermeasure to protect public-key cryptosystems against side-channel attacks. The high level idea is to randomize an exponentiation in order to prevent multiple measurements of the same operation on different data, as such measurements might allow the adversar ..."
. In particular, we propose a multiplicatively blinded version of ElGamal public-key encryption where we prove that the scheme, instantiated over bilinear groups of prime order p (where p−1 is not smooth), is leakage-resilient in the generic-group model. Here we consider the model of chosen-ciphertext security
Leakage-Resilient Cryptography from Minimal Assumptions
2012
"... We present new constructions of leakage-resilient cryptosystems, which remain provably secure even if the attacker learns some arbitrary partial information about their internal secret key. For any polynomial ℓ, we can instantiate these schemes so as to tolerate up to ℓ bits of leakage. While there ..."
there has been much prior work constructing such leakage-resilient cryptosystems under concrete number-theoretic and algebraic assumptions, we present the first schemes under general and minimal assumptions. In particular, we construct: leakage-resilient public-key encryption from any standard public
