Skip to Main content Skip to Navigation
Journal articles

Limits of a conjecture on a leakage-resilient cryptosystem

David Galindo 1 Srinivas Vivek 2
1 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : Recently it was conjectured that an ElGamal-based public-key encryption scheme with stateful decryption resists lunch-time chosen ciphertext and leakage attacks in the only computation leaks information model. We give a non-trivial upper bound on the amount of leakage tolerated by this conjecture. More precisely, we prove that the conjecture does not hold if more than a View the MathML source fraction of the bits are leaked at every decryption step, by showing a lunch-time attack that recovers the full secret key. The attack uses a new variant of the Hidden Number Problem, that we call Hidden Shares - Hidden Number Problem, which is of independent interest.
Document type :
Journal articles
Complete list of metadatas
Contributor : David Galindo <>
Submitted on : Monday, January 20, 2014 - 3:01:08 PM
Last modification on : Wednesday, September 16, 2020 - 10:43:29 AM

Links full text



David Galindo, Srinivas Vivek. Limits of a conjecture on a leakage-resilient cryptosystem. Information Processing Letters, Elsevier, 2014, 114 (4), pp.192-196. ⟨10.1016/j.ipl.2013.11.014⟩. ⟨hal-00933429⟩



Record views