How to construct random functions
Journal of the ACM (JACM)
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Low Cost Attacks on Tamper Resistant Devices
Proceedings of the 5th International Workshop on Security Protocols
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)
Power Analysis Attacks: Revealing the Secrets of Smart Cards (Advances in Information Security)
A block cipher based pseudo random number generator secure against side-channel key recovery
Proceedings of the 2008 ACM symposium on Information, computer and communications security
CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
Leakage-Resilient Cryptography
FOCS '08 Proceedings of the 2008 49th Annual IEEE Symposium on Foundations of Computer Science
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Simultaneous Hardcore Bits and Cryptography against Memory Attacks
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
A Unified Framework for the Analysis of Side-Channel Key Recovery Attacks
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
A Leakage-Resilient Mode of Operation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
On cryptography with auxiliary input
Proceedings of the forty-first annual ACM symposium on Theory of computing
Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Practical leakage-resilient pseudorandom generators
Proceedings of the 17th ACM conference on Computer and communications security
Leakage-resilient pseudorandom functions and side-channel attacks on Feistel networks
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
LATINCRYPT'10 Proceedings of the First international conference on Progress in cryptology: cryptology and information security in Latin America
Algebraic side-channel attacks
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Pushing the limits: a very compact and a threshold implementation of AES
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
Improved generic algorithms for hard knapsacks
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
CHES'05 Proceedings of the 7th international conference on Cryptographic hardware and embedded systems
New generic algorithms for hard knapsacks
EUROCRYPT'10 Proceedings of the 29th Annual international conference on Theory and Applications of Cryptographic Techniques
Private circuits II: keeping secrets in tamperable circuits
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Intrusion-Resilience via the bounded-storage model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Perfectly secure password protocols in the bounded retrieval model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Practical lattice-based cryptography: a signature scheme for embedded systems
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Practical leakage-resilient symmetric cryptography
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Practical leakage-resilient pseudorandom objects with minimum public randomness
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Side-channel indistinguishability
Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy
Leakage-Resilient symmetric encryption via re-keying
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
| Hi-index | 0.00 |
Leakage-resilient constructions have attracted significant attention over the last couple of years. In practice, pseudorandom functions are among the most important such primitives, because they are stateless and do not require a secure initialization as, e.g. stream ciphers. However, their deployment in actual applications is still limited by security and efficiency concerns. This paper contributes to solve these issues in two directions. On the one hand, we highlight that the condition of bounded data complexity, that is guaranteed by previous leakage-resilient constructions, may not be enough to obtain practical security. We show experimentally that, if implemented in an 8-bit microcontroller, such constructions can actually be broken. On the other hand, we present tweaks for tree-based leakage-resilient PRFs that improve their efficiency and their security, by taking advantage of parallel implementations. Our security analyses are based on worst-case attacks in a noise-free setting and suggest that under reasonable assumptions, the side-channel resistance of our construction grows super-exponentially with a security parameter that corresponds to the degree of parallelism of the implementation. In addition, it exhibits that standard DPA attacks are not the most relevant tool for evaluating such leakage-resilient constructions and may lead to overestimated security. As a consequence, we investigate more sophisticated tools based on lattice reduction, which turn out to be powerful in the physical cryptanalysis of these primitives. Eventually, we put forward that the AES is not perfectly suited for integration in a leakage-resilient design. This observation raises interesting challenges for developing block ciphers with better properties regarding leakage-resilience.