A note on efficient zero-knowledge proofs and arguments (extended abstract)
STOC '92 Proceedings of the twenty-fourth annual ACM symposium on Theory of computing
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
ElectroMagnetic Analysis (EMA): Measures and Counter-Measures for Smart Cards
E-SMART '01 Proceedings of the International Conference on Research in Smart Cards: Smart Card Programming and Security
Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Electromagnetic Analysis: Concrete Results
CHES '01 Proceedings of the Third International Workshop on Cryptographic Hardware and Embedded Systems
Does Parallel Repetition Lower the Error in Computationally Sound Protocols?
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
Intrusion-Resilient Secret Sharing
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
Leakage-Resilient Cryptography
FOCS '08 Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Simultaneous Hardcore Bits and Cryptography against Memory Attacks
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
A Leakage-Resilient Mode of Operation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Public-Key Cryptosystems Resilient to Key Leakage
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Universal Arguments and their Applications
SIAM Journal on Computing
Signature Schemes with Bounded Leakage Resilience
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Parallel repetition of computationally sound protocols revisited
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Intrusion-resilient key exchange in the bounded retrieval model
TCC'07 Proceedings of the 4th conference on Theory of cryptography
On seed-incompressible functions
TCC'08 Proceedings of the 5th conference on Theory of cryptography
Practical leakage-resilient pseudorandom generators
Proceedings of the 17th ACM conference on Computer and communications security
Practical leakage-resilient identity-based encryption from simple assumptions
Proceedings of the 17th ACM conference on Computer and communications security
Circular and leakage resilient public-key encryption under subgroup indistinguishability
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Protecting cryptographic keys against continual leakage
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Securing computation against continuous leakage
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Overcoming the Hole in the Bucket: Public-Key Cryptography Resilient to Continual Memory Leakage
FOCS '10 Proceedings of the 2010 IEEE 51st Annual Symposium on Foundations of Computer Science
Cryptography against Continuous Memory Attacks
FOCS '10 Proceedings of the 2010 IEEE 51st Annual Symposium on Foundations of Computer Science
On the Insecurity of Parallel Repetition for Leakage Resilience
FOCS '10 Proceedings of the 2010 IEEE 51st Annual Symposium on Foundations of Computer Science
Cache attacks and countermeasures: the case of AES
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Public-Key encryption in the bounded-retrieval model
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Intrusion-Resilience via the bounded-storage model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Perfectly secure password protocols in the bounded retrieval model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
A parallel repetition theorem for leakage resilience
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Counterexamples to hardness amplification beyond negligible
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
| Hi-index | 0.00 |
If a cryptographic primitive remains secure even if l bits about the secret key are leaked to the adversary, one would expect that at least one of n independent instantiations of the scheme remains secure given n ċ l bits of leakage. This intuition has been proven true for schemes satisfying some special information-theoretic properties by Alwen et al. [Eurocrypt' 10]. On the negative side, Lewko and Waters [FOCS'10] construct a CPA secure public-key encryption scheme for which this intuition fails. The counterexample of Lewko and Waters leaves open the interesting possibility that for any scheme there exists a constant c n fold repetition remains secure against cċnċl bits of leakage. Furthermore, their counterexample requires the n copies of the encryption scheme to share a common reference parameter, leaving open the possibility that the intuition is true for all schemes without common setup. In this work we give a stronger counterexample ruling out these possibilities. We construct a signature scheme such that: 1. a single instantiation remains secure given l = log(k) bits of leakage where k is a security parameter 2. any polynomial number of independent instantiations can be broken (in the strongest sense of key-recovery) given l′ = poly(k) bits of leakage. Note that l′ does not depend on the number of instances. The computational assumption underlying our counterexample is that non-interactive computationally sound proofs exist. Moreover, under a stronger (non-standard) assumption about such proofs, our counterexample does not require a common reference parameter. The underlying idea of our counterexample is rather generic and can be applied to other primitives like encryption schemes.