A Leakage-Resilient Pairing-Based Variant of the Schnorr Signature Scheme

David Galindo (1), Srinivas Vivek (2)
(1) CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract: Leakage-resilient cryptography aims at capturing side-channel attacks within the provable security framework. Currently there exists a plethora of schemes with provably secure guarantees against a variety of side-channel attacks. However, meeting the strongest security levels (resilience against continual leakage attacks) under the weakest assumptions currently leads to costly schemes. Additionally, recent results show that the strongest leakage-resilient security levels cannot be achieved for cryptosystems whose secret key is uniquely determined by its public key. This justifies the use of stronger assumptions to achieve simpler, more efficient schemes, since most deployed and practical cryptosystems have this uniqueness-of-the-secret-key property. In particular, the Schnorr-based leakage-resilient digital signature schemes proposed up to now are built by gluing together ℓ copies of the basic signature scheme, resulting in a public key that admits exponentially many secret keys. Furthermore, the space needed to store the secret key material is proportional to the leakage tolerated by these schemes. We aim at designing a leakage-resilient variant of the Schnorr signature scheme whose secret key storage space is constant, independently of the amount of leakage that it can tolerate. We assume that at any given time only the parts of the memory in use leak (split-state / only-computation-leaks-information model); we ease the problem of exhibiting a security reduction by relying on generic groups (generic bilinear group model). We proceed by first proposing a pairing analogue of the Schnorr signature scheme, which we then transform to include split signing-key updates. We give a leakage-resilience lower bound in generic bilinear groups against continual leakage attacks for the new scheme.
Document type: Conference paper
Stam, Martijn. IMACC 2013 - 14th IMA International Conference Cryptography and Coding, Dec 2013, Oxford, United Kingdom. Springer, LNCS, 8308, pp.173-192, 2013, IMACC 2013: Cryptography and Coding. 〈http://www.springer.com/computer/security+and+cryptology/book/978-3-642-45238-3〉. 〈10.1007/978-3-642-45239-0_11〉
https://hal.inria.fr/hal-00909745
Contributor: David Galindo
Submitted on: Tuesday 26 November 2013 - 17:36:20
Last modified on: Friday 6 July 2018 - 15:06:10

Citation

David Galindo, Srinivas Vivek. A Leakage-Resilient Pairing-Based Variant of the Schnorr Signature Scheme. Stam, Martijn. IMACC 2013 - 14th IMA International Conference Cryptography and Coding, Dec 2013, Oxford, United Kingdom. Springer, LNCS, 8308, pp.173-192, 2013, IMACC 2013: Cryptography and Coding. 〈http://www.springer.com/computer/security+and+cryptology/book/978-3-642-45238-3〉. 〈10.1007/978-3-642-45239-0_11〉. 〈hal-00909745〉
