Research article
DOI: 10.1145/2332432.2332462

Distributed public key schemes secure against continual leakage

Published: 16 July 2012

Abstract

In this work we study distributed public key schemes secure against continual memory leakage. The secret key will be shared among two computing devices communicating over a public channel, and the decryption operation will be computed by a simple 2-party protocol between the devices. Similarly, the secret key shares will be periodically refreshed by a simple 2-party protocol executed in discrete time periods throughout the lifetime of the system. The leakage adversary can choose pairs, one per device, of polynomial time computable length shrinking (or entropy shrinking) functions, and receive the value of the respective function on the internal state of the respective device (namely, on its secret share, internal randomness, and results of intermediate computations).
We present distributed public key encryption (DPKE) and distributed identity based encryption (DIBE) schemes that are secure against continual memory leakage, under the Bilinear Decisional Diffie-Hellman and 2-linear assumptions. Our schemes have the following properties:
1. Our DPKE and DIBE schemes tolerate leakage at all times, including during refresh. During refresh the tolerated leakage is a (1/2-o(1), 1)-fraction of the secret memory of P1, P2 respectively; and at all other times (post key generation) the tolerated leakage is a (1-o(1), 1)-fraction of the secret memory of P1, P2 respectively.
2. Our DIBE scheme tolerates leakage from both the master secret key and the identity based secret keys.
3. Our DPKE scheme is CCA2-secure against continual memory leakage.
4. Our DPKE scheme also implies a secure storage system on leaky devices, where a value s can be secretly stored on devices that continually leak information about their internal state to an external attacker. The devices go through a periodic refresh protocol.

These properties improve on the bounds and properties of known constructions designed to be secure against continual memory leakage in the single processor model.
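The two-device structure described above (a secret key held only as two shares, decryption by a two-party protocol, and periodic share refresh over a public channel) as an added toy example in Python; it is not the paper's BDDH-based construction and carries none of its leakage guarantees. Everything in it is an assumption: plain ElGamal over a constructed tiny safe-prime group, additive sharing of the exponent, and a refresh offset agreed by a Diffie-Hellman exchange so that nothing secret is sent in the clear.

```python
import secrets

# Constructed toy parameters (an assumption, not the paper's setting): safe prime
# P = 2Q + 1, and G = 4 generates the order-Q subgroup of squares mod P.
# Far too small for real use; they only keep the arithmetic readable.
P, Q, G = 1019, 509, 4

def keygen():
    """Return (pk, share1, share2); the key x = share1 + share2 mod Q is never stored whole."""
    x = secrets.randbelow(Q - 1) + 1
    share1 = secrets.randbelow(Q)
    share2 = (x - share1) % Q
    return pow(G, x, P), share1, share2

def encrypt(pk, m):
    """ElGamal encryption of a subgroup element m (a square mod P)."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), (m * pow(pk, r, P)) % P

def partial_decrypt(c1, share):
    """Each device raises c1 to its own share; this value is what crosses the public channel."""
    return pow(c1, share, P)

def combine(ct, d1, d2):
    """The combining device finishes decryption: d1 * d2 = c1^(share1 + share2) = pk^r."""
    c1, c2 = ct
    return (c2 * pow((d1 * d2) % P, -1, P)) % P

def refresh(share1, share2):
    """Refresh protocol: the devices agree on a fresh offset via a Diffie-Hellman exchange
    over the public channel, then re-randomise shares so share1 + share2 mod Q is unchanged."""
    a, b = secrets.randbelow(Q - 1) + 1, secrets.randbelow(Q - 1) + 1
    msg1, msg2 = pow(G, a, P), pow(G, b, P)   # the only values sent on the channel
    delta = pow(msg2, a, P) % Q                 # P1's view of the shared offset
    assert delta == pow(msg1, b, P) % Q         # P2 derives the same offset
    return (share1 + delta) % Q, (share2 - delta) % Q

def demo():
    """Decrypt one ciphertext before and after a refresh; both must recover the plaintext."""
    pk, s1, s2 = keygen()
    m = pow(G, 77, P)                 # constructed plaintext, an element of the subgroup
    ct = encrypt(pk, m)
    before = combine(ct, partial_decrypt(ct[0], s1), partial_decrypt(ct[0], s2))
    s1, s2 = refresh(s1, s2)          # new shares, same secret key, same public key
    after = combine(ct, partial_decrypt(ct[0], s1), partial_decrypt(ct[0], s2))
    return before == m and after == m

if __name__ == "__main__":
    print("distributed decryption survives refresh:", demo())
```

The public key never changes across refreshes, so ciphertexts produced before a refresh stay decryptable; only the shares each device holds move.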


Published In

PODC '12: Proceedings of the 2012 ACM Symposium on Principles of Distributed Computing
July 2012, 410 pages
ISBN: 9781450314503
DOI: 10.1145/2332432
Publisher: Association for Computing Machinery, New York, NY, United States
Author Tags

1. cca2-security
2. continual leakage
3. distributed public key encryption
4. ibe
