Limits of a conjecture on a leakage-resilient cryptosystem

David Galindo (1), Srinivas Vivek (2)
(1) CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies, Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract: Recently it was conjectured that an ElGamal-based public-key encryption scheme with stateful decryption resists lunch-time chosen-ciphertext and leakage attacks in the "only computation leaks information" model. We give a non-trivial upper bound on the amount of leakage tolerated by this conjecture. More precisely, we prove that the conjecture does not hold if more than a fixed constant fraction of the bits is leaked at every decryption step, by exhibiting a lunch-time attack that recovers the full secret key. The attack uses a new variant of the Hidden Number Problem, which we call the Hidden Shares - Hidden Number Problem and which is of independent interest.
Document type: Journal article
Information Processing Letters, Elsevier, 2014, 114 (4), pp. 192-196. http://www.sciencedirect.com/science/article/pii/S0020019013002949. DOI: 10.1016/j.ipl.2013.11.014

https://hal.inria.fr/hal-00933429
Contributor: David Galindo
Submitted on: Monday, 20 January 2014 - 15:01:08
Last modified on: Thursday, 11 January 2018 - 06:24:26

Identifiers

HAL Id: hal-00933429
DOI: 10.1016/j.ipl.2013.11.014
Citation

David Galindo, Srinivas Vivek. Limits of a conjecture on a leakage-resilient cryptosystem. Information Processing Letters, Elsevier, 2014, 114 (4), pp. 192-196. http://www.sciencedirect.com/science/article/pii/S0020019013002949. DOI: 10.1016/j.ipl.2013.11.014. HAL Id: hal-00933429.

Metrics

Record views: 349