Skip to main content
Springer Nature Link
Log in

Survey: Leakage Resilience and the Bounded Retrieval Model

  • Conference paper
Information Theoretic Security (ICITS 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5973))

Included in the following conference series:

  • 709 Accesses

Abstract

This survey paper studies recent advances in the field of Leakage-Resilient Cryptography. This booming area is concerned with the design of cryptographic primitives resistant to arbitrary side-channel attacks, where an attacker can repeatedly and adaptively learn information about the secret key, subject only to the constraint that the overall amount of such information is bounded by some parameter ℓ. We start by surveying recent results in the so called Relative Leakage Model, where all the parameters of the system are allowed to depend on ℓ, and the goal is to make ℓ large relative to the length of the secret key. We conclude by showing how to extend the relative leakage results to the Bounded Retrieval Model (aka “Absolute Leakage Model”), where only the secret key length is allowed to be slightly larger than ℓ, but all other system parameters (e.g., public-key, communication, etc.) are independent of the absolute value of ℓ. Throughout the presentation we will emphasize the information-theoretic techniques used in leakage-resilient cryptography.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Abdalla, M., An, J.H., Bellare, M., Namprempre, C.: From identification to signatures via the fiat-shamir transform: Minimizing assumptions for security and forward-security. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 418–433. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  2. Alwen, J., Dodis, Y., Naor, M., Segev, G., Walfish, S., Wichs, D.: Public-key encryption in the bounded-retrival model (2009), http://eprint.iacr.org/2009/512

  3. Aumann, Y., Ding, Y.Z., Rabin, M.O.: Everlasting security in the bounded storage model. IEEE Transactions on Information Theory 48(6), 1668–1680 (2002)

    Article  MATH  MathSciNet  Google Scholar 

  4. Alwen, J., Dodis, Y., Wichs, D.: Leakage-resilient public-key cryptography in the bounded-retrieval model. In: Halevi, S. (ed.) Advances in Cryptology - CRYPTO 2009. LNCS, vol. 5677, pp. 36–54. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  5. Akavia, A., Goldwasser, S., Vaikuntanathan, V.: Simultaneous hardcore bits and cryptography against memory attacks. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  6. Aumann, Y., Rabin, M.O.: Information theoretically secure communication in the limited storage space model. Wiener [Wie99], pp. 65–79 (1999)

    Google Scholar 

  7. Bennett, C.H., Brassard, G., Crépeau, C., Maurer, U.M.: Generalized privacy amplification. IEEE Transactions on Information Theory 41(6), 1915–1923 (1995)

    Article  MATH  Google Scholar 

  8. Bennett, C.H., Brassard, G., Robert, J.-M.: Privacy amplification by public discussion. SIAM J. Comput. 17(2), 210–229 (1988)

    Article  MathSciNet  Google Scholar 

  9. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults (extended abstract). In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)

    Google Scholar 

  10. Bellovin, S.M., Merritt, M.: Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise. In: ACM Conference on Computer and Communications Security, pp. 244–250 (1993)

    Google Scholar 

  11. Boyko, V., MacKenzie, P.D., Patel, S.: Provably secure password-authenticated key exchange using diffie-hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  12. Boneh, D. (ed.): CRYPTO 2003. LNCS, vol. 2729. Springer, Heidelberg (2003)

    MATH  Google Scholar 

  13. Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  14. Brickell, E.F. (ed.): CRYPTO 1992. LNCS, vol. 740. Springer, Heidelberg (1993)

    MATH  Google Scholar 

  15. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Jr. [Jr.97], pp. 513–525 (1997)

    Google Scholar 

  16. Cash, D., Ding, Y.Z., Dodis, Y., Lee, W., Lipton, R.J., Walfish, S.: Intrusion-resilient key exchange in the bounded retrieval model. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 479–498. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  17. Canetti, R., Dodis, Y., Halevi, S., Kushilevitz, E., Sahai, A.: Exposure-resilient functions and all-or-nothing transforms. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 453–469. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  18. Cramer, R., Damgård, I., Schoenmakers, B.: Proofs of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)

    Google Scholar 

  19. Di Crescenzo, G., Lipton, R.J., Walfish, S.: Perfectly secure password protocols in the bounded retrieval model. In: Halevi, Rabin (eds.) [HR06], pp. 225–244 (2006)

    Google Scholar 

  20. Cramer, R., Shoup, V.: Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  21. Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33(1), 167–226 (2004)

    Article  MathSciNet  Google Scholar 

  22. Dodis, Y., Goldwasser, S., Kalai, Y., Peikert, C., Vaikuntanathan, V.: Public-key encryption schemes with auxiliary inputs (2009)

    Google Scholar 

  23. Dodis, Y., Kalai, Y.T., Lovett, S.: On cryptography with auxiliary input. In: STOC, pp. 621–630 (2009)

    Google Scholar 

  24. Dodis, Y., Katz, J., Reyzin, L., Smith, A.: Robust fuzzy extractors and authenticated key agreement from close secrets. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 232–250. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  25. Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97–139 (2008)

    Article  MATH  MathSciNet  Google Scholar 

  26. Dziembowski, S., Pietrzak, K.: Intrusion-resilient secret sharing. In: FOCS, pp. 227–237. IEEE Computer Society, Los Alamitos (2007)

    Google Scholar 

  27. Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: FOCS, pp. 293–302. IEEE Computer Society, Los Alamitos (2008)

    Google Scholar 

  28. Dodis, Y., Sahai, A., Smith, A.: On perfect and adaptive security in exposure-resilient cryptography. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 301–324. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  29. Dodis, Y., Wichs, D.: Non-malleable extractors and symmetric key cryptography from weak secrets. In: STOC (2009), Full version, http://eprint.iacr.org/2008/503

  30. Dziembowski, S.: Intrusion-resilience via the bounded-storage model. In: Halevi, Rabin (eds.) [HR06], pp. 207–224 (2006)

    Google Scholar 

  31. Faust, S., Kiltz, E., Pietrzak, K., Rothblum, G.: Leakage-resilient signatures (2009), http://eprint.iacr.org/2009/282

  32. Faust, S., Reyzin, L., Tromer, E.: Protecting circuits from computationally-bounded leakage. Cryptology ePrint Archive, Report 2009/379 (2009), http://eprint.iacr.org/

  33. Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)

    Google Scholar 

  34. Feige, U., Shamir, A.: Zero Knowledge Proofs of Knowledge in Two Rounds. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 526–544. Springer, Heidelberg (1990)

    Google Scholar 

  35. Goldreich, O., Lindell, Y.: Session-key generation using human passwords only. J. Cryptology 19(3), 241–340 (2006)

    Article  MATH  MathSciNet  Google Scholar 

  36. Gandolfi, K., Mourtel, C., Olivier, F.: Electromagnetic analysis: Concrete results. In: Koç, Ç.K., Naccache, D., Paar, C. (eds.) CHES 2001. LNCS, vol. 2162, pp. 251–261. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  37. Goldreich, O., Micali, S., Wigderson, A.: Proofs that yield nothing but their validity for all languages in np have zero-knowledge proof systems. J. ACM 38(3), 691–729 (1991)

    Article  MATH  MathSciNet  Google Scholar 

  38. Halevi, S., Rabin, T. (eds.): TCC 2006. LNCS, vol. 3876, pp. 1–20. Springer, Heidelberg (2006)

    MATH  Google Scholar 

  39. Alex Halderman, J., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W.: Lest we remember: Cold boot attacks on encryption keys. In: van Oorschot, P.C. (ed.) USENIX Security Symposium, pp. 45–60. USENIX Association (2008)

    Google Scholar 

  40. Ishai, Y., Prabhakaran, M., Sahai, A., Wagner, D.: Private circuits ii: Keeping secrets in tamperable circuits. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 308–327. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  41. Ishai, Y., Sahai, A., Wagner, D.: Private circuits: Securing hardware against probing attacks. In: Boneh [Bon03], pp. 463–481 (2003)

    Google Scholar 

  42. Kaliski Jr., B.S. (ed.): CRYPTO 1997. LNCS, vol. 1294, pp. 1–15. Springer, Heidelberg (1997)

    MATH  Google Scholar 

  43. Kocher, P.C., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener [Wie99], pp. 388–397 (1999)

    Google Scholar 

  44. Kocher, P.C.: Timing attacks on implementations of diffie-hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996)

    Google Scholar 

  45. Katz, J., Ostrovsky, R., Yung, M.: Efficient password-authenticated key exchange using human-memorable passwords. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 475–494. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  46. Kiltz, E., Pietrzak, K., Stam, M., Yung, M.: A new randomness extraction paradigm for hybrid encryption. In: Ghilardi, S. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 590–609. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  47. Kanukurthi, B., Reyzin, L.: Key agreement from close secrets over unsecured channels. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479. Springer, Heidelberg (2009), Full version, http://eprint.iacr.org/2008/494

    Chapter  Google Scholar 

  48. Katz, J., Vaikuntanathan, V.: Signature schemes with bounded leakage resilience. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912. Springer, Heidelberg (2009), http://www.mit.edu/~vinodv/papers/asiacrypt09/KV-Sigs.pdf

    Google Scholar 

  49. Lamport, L.: Constructing digital signatures from a one-way function. Technical report, SRI International (October 1979)

    Google Scholar 

  50. Lu, C.-J.: Hyper-encryption against space-bounded adversaries from on-line strong extractors. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 257–271. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  51. Maurer, U.M.: Conditionally-perfect secrecy and a provably-secure randomized cipher. J. Cryptology 5(1), 53–66 (1992)

    Article  MATH  MathSciNet  Google Scholar 

  52. Maurer, U.M.: Protocols for secret key agreement by public discussion based on common information. In: Brickell [Bri93], pp. 461–470 (1993)

    Google Scholar 

  53. Micali, S., Reyzin, L.: Physically observable cryptography (extended abstract). In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 278–296. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  54. Maurer, U.M., Wolf, S.: Privacy amplification secure against active adversaries. In: Jr. [Jr.97], pp. 307–321 (1997)

    Google Scholar 

  55. Naor, M., Segev, G.: Public-key cryptosystems resilient to key leakage. In: Halevi, S. (ed.) Advances in Cryptology - CRYPTO 2009. LNCS, vol. 5677, pp. 18–35. Springer, Heidelberg (2009), http://eprint.iacr.org/2009/105

    Chapter  Google Scholar 

  56. Naor, M., Yung, M.: Universal one-way hash functions and their cryptographic applications. In: STOC, pp. 33–43. ACM, New York (1989)

    Google Scholar 

  57. Nisan, N., Zuckerman, D.: Randomness is linear in space. J. Comput. Syst. Sci. 52(1), 43–52 (1996)

    Article  MATH  MathSciNet  Google Scholar 

  58. Okamoto, T.: Provably secure and practical identification schemes and corresponding signature schemes. In: Brickell[Bri93], pp. 31–53 (1993)

    Google Scholar 

  59. Pietrzak, K.: A leakage-resilient mode of operation. In: Eurocrypt 2009, Cologne, Germany, pp. 462–482 (2009)

    Google Scholar 

  60. Quisquater, J.-J., Samyde, D.: Electromagnetic analysis (ema): Measures and counter-measures for smart cards. In: Attali, S., Jensen, T. (eds.) E-smart 2001. LNCS, vol. 2140, pp. 200–210. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  61. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) STOC, pp. 84–93. ACM, New York (2005)

    Google Scholar 

  62. Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: STOC, pp. 387–394. ACM, New York (1990)

    Google Scholar 

  63. Renner, R., Wolf, S.: Unconditional authenticity and privacy from an arbitrarily weak secret. In: Boneh[Bon03], pp. 78–95 (2003)

    Google Scholar 

  64. Vadhan, S.P.: Constructing locally computable extractors and cryptosystems in the bounded-storage model. J. Cryptology 17(1), 43–77 (2004)

    Article  MATH  MathSciNet  Google Scholar 

  65. Wiener, M. (ed.): CRYPTO 1999. LNCS, vol. 1666. Springer, Heidelberg (1999)

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, New York University,  

    Joël Alwen, Yevgeniy Dodis & Daniel Wichs

Authors
  1. Joël Alwen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yevgeniy Dodis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Daniel Wichs
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer and Information Sciences, Ibaraki University, 4-12-1 Nakanarusawa, 316-8511, Hitachi, Ibaraki, Japan

    Kaoru Kurosawa

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Alwen, J., Dodis, Y., Wichs, D. (2010). Survey: Leakage Resilience and the Bounded Retrieval Model. In: Kurosawa, K. (eds) Information Theoretic Security. ICITS 2009. Lecture Notes in Computer Science, vol 5973. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14496-7_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14496-7_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14495-0

  • Online ISBN: 978-3-642-14496-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics