A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Separating Random Oracle Proofs from Complexity Theoretic Proofs: The Non-committing Encryption Case
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Power Analysis, What Is Now Possible...
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A block cipher based pseudo random number generator secure against side-channel key recovery
Proceedings of the 2008 ACM symposium on Information, computer and communications security
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Leakage-Resilient Cryptography
FOCS '08 Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Simultaneous Hardcore Bits and Cryptography against Memory Attacks
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
A Leakage-Resilient Mode of Operation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
On cryptography with auxiliary input
Proceedings of the forty-first annual ACM symposium on Theory of computing
Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Public-Key Cryptosystems Resilient to Key Leakage
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Memory Leakage-Resilient Encryption Based on Physically Unclonable Functions
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Signature Schemes with Bounded Leakage Resilience
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On seed-incompressible functions
TCC'08 Proceedings of the 5th conference on Theory of cryptography
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
FOX: a new family of block ciphers
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
Proceedings of the 7th international conference on Theory of Cryptography
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Public-key encryption schemes with auxiliary inputs
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Intrusion-Resilience via the bounded-storage model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Perfectly secure password protocols in the bounded retrieval model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Leakage-resilient RFID authentication with forward-privacy
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Parallel repetition for leakage resilience amplification revisited
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Key-evolution schemes resilient to space-bounded leakage
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Extractors against side-channel attacks: weak or strong?
CHES'11 Proceedings of the 13th international conference on Cryptographic hardware and embedded systems
Fresh re-keying II: securing multiple parties against side-channel and fault attacks
CARDIS'11 Proceedings of the 10th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Multi-location leakage resilient cryptography
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Towards super-exponential side-channel security with efficient leakage-resilient PRFs
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Practical leakage-resilient symmetric cryptography
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Practical leakage-resilient pseudorandom objects with minimum public randomness
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
CacheAudit: a tool for the static analysis of cache side channels
SEC'13 Proceedings of the 22nd USENIX conference on Security
Hardware security: threat models and metrics
Proceedings of the International Conference on Computer-Aided Design
Hi-index | 0.00 |
Cryptographic systems and protocols are the core of many Internet security procedures (such as SSL, SSH, IPSEC, DNSSEC, secure mail, etc.). At the heart of all cryptographic functions is a good source of randomness, and for efficiency, the primitive of pseudorandom generator (PRG). PRG can also be used in the design of stream ciphers, for secure communications. The Internet is nowadays composed of many types of devices with very different hardware and software characteristics. Hence, one of the concerns in such open environments is the information "leakage" and its exploitation via the so-called "side channel attacks". A very extensive and current research direction is designing basic cryptographic operations that are resistant to such attacks. Recent works on leakage-resilient PRG and stream ciphers did significant progresses in providing tools for the analysis of side-channel attacks in the standard cryptographic setting. But in the absence of a completely sound model for the leakages, the only constructions that can be proven secure require tweaks that do not correspond to the physical intuition. For example, constructions using an alternating structure, in which a key bit-size of $2n$ can only guarantee a security of at most $2^n$, have been designed for this purpose. In this paper, we provide two methodological contributions, allowing to get rid of these tweaks, or to reduce their impact towards negligible performance overheads. First, we show that the leakage-resilience of a natural, i.e. conform to engineering experience, stateful PRG can be proven under a random oracle based assumption. We then discuss the relevance of this assumption, and argue that it nicely captures the reality of actual side-channel attacks. Second, we provide the first construction of a PRG without alternating structure, that exploits the keying material to its full length and that can be proven leakage-resilient in the standard model. For this purpose, we only need to assume a non adaptive leakage function and a small public memory. We also argue that such an assumption is not only realistic, but necessary for any leakage-resilient primitive that grants adversaries with a (stateless) reinitialization capability. Together with weaker requirements for practical implementations, these contributions further reduce the gap between the theory and practice of physically observable cryptography.