Limits of a conjecture on a leakage-resilient cryptosystem

David Galindo (1), Srinivas Vivek (2)
(1) CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract: Recently it was conjectured that an ElGamal-based public-key encryption scheme with stateful decryption resists lunch-time chosen-ciphertext and leakage attacks in the only-computation-leaks-information model. We give a non-trivial upper bound on the amount of leakage tolerated by this conjecture. More precisely, we prove that the conjecture does not hold if more than a fixed fraction of the bits are leaked at every decryption step, by showing a lunch-time attack that recovers the full secret key. The attack uses a new variant of the Hidden Number Problem, which we call the Hidden Shares - Hidden Number Problem and which is of independent interest.
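To make the leakage model concrete, the following is an added illustration in Python; it is not code from the paper, nor the scheme it analyses (whose exact structure the page does not give). It models stateful ElGamal decryption in which the secret exponent x is held as two multiplicative shares (s0 * s1 = x mod q), each decryption step touches exactly one share and leaks a chosen fraction of its bits, and both shares are re-randomised after every decryption. The sharing, the refresh rule, the top-bits leakage function and the throwaway 64-bit safe-prime group are all assumptions of this model. It shows what "a fraction of the bits leaked at every decryption step" means operationally and checks the trivial boundary where full leakage of both shares in one decryption hands over x; the paper's attack, which works far below full leakage, is not reproduced here.

```python
"""Toy model of stateful two-share ElGamal decryption with per-step leakage.

Added illustration; not the scheme or attack from the paper.  Assumed here:
multiplicative shares s0*s1 = x (mod q), one share touched per step
(only-computation-leaks), top-`lam`-bits leakage, refresh after each decryption.
The 64-bit safe-prime group is for the model only and offers no security.
"""
import secrets

SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for n < 3.3e24 (covers 64-bit)."""
    if n < 2:
        return False
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in SMALL_PRIMES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_group(bits: int = 64):
    """First safe prime p = 2q+1 with q >= 2^(bits-1); g = 4 generates the order-q subgroup."""
    q = (1 << (bits - 1)) | 1
    while not (is_probable_prime(q) and is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4


P, Q, G = safe_prime_group()


def keygen():
    """Secret x in [1, Q-1] held as two shares with s0 * s1 == x (mod Q)."""
    x = secrets.randbelow(Q - 1) + 1
    s0 = secrets.randbelow(Q - 1) + 1
    s1 = x * pow(s0, -1, Q) % Q
    return pow(G, x, P), x, [s0, s1]


def encrypt(pk: int, m: int):
    """Plain ElGamal: (g^r, m * pk^r) for a subgroup element m."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), m * pow(pk, r, P) % P


def leak(share: int, lam: int) -> int:
    """Adversary's leakage function in this model: the top `lam` bits of the share in use."""
    return share >> max(Q.bit_length() - lam, 0)


def decrypt_stateful(shares: list, ct, lam: int):
    """One decryption: step 0 uses s0 only, step 1 uses s1 only; each step leaks
    `lam` bits of the share it touched; afterwards both shares are refreshed."""
    c, psi = ct
    s0, s1 = shares
    c_half = pow(c, s0, P)                     # step 0 touches s0 only
    leak0 = leak(s0, lam)
    k = pow(c_half, s1, P)                     # step 1 touches s1 only -> c^(s0*s1) = c^x
    leak1 = leak(s1, lam)
    r = secrets.randbelow(Q - 1) + 1           # refresh: s0*s1 stays equal to x
    shares[0] = s0 * r % Q
    shares[1] = s1 * pow(r, -1, Q) % Q
    return psi * pow(k, -1, P) % P, (leak0, leak1)


def run(n: int, fraction: float):
    """Run n decryptions leaking `fraction` of each share's bits per step.
    Returns (all plaintexts correct, shares still multiply to x, x, leakage transcript)."""
    pk, x, shares = keygen()
    lam = int(fraction * Q.bit_length())
    m = pow(G, 12345, P)                       # constructed plaintext in the subgroup
    transcript, ok = [], True
    for _ in range(n):
        got, leaked = decrypt_stateful(shares, encrypt(pk, m), lam)
        ok = ok and got == m
        transcript.append(leaked)
    return ok, shares[0] * shares[1] % Q == x, x, transcript


def recover_if_fully_leaked(transcript, x: int) -> bool:
    """Trivial boundary: if one decryption leaked both shares in full, their product is x.
    The paper's attack succeeds well below this; it is not implemented here."""
    return any(l0 * l1 % Q == x for l0, l1 in transcript)


if __name__ == "__main__":
    ok, consistent, x, tr = run(5, 0.25)
    print("quarter-bit leakage: decrypt ok", ok, "shares consistent", consistent,
          "key from transcript", recover_if_fully_leaked(tr, x))
    ok, consistent, x, tr = run(1, 1.0)
    print("full leakage: key from transcript", recover_if_fully_leaked(tr, x))
```

The refresh step is what makes the leakage bounded per decryption rather than cumulative on a fixed secret: an attacker sees bits of a fresh pair (s0 * r, s1 * r^-1) each time, with r unknown, which is exactly the "hidden shares" flavour the abstract alludes to.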
Document type: Journal article

https://hal.inria.fr/hal-00933429
Contributor: David Galindo
Submitted on: Monday, January 20, 2014 - 3:01:08 PM
Last modification on: Tuesday, December 18, 2018 - 4:38:25 PM

Citation

David Galindo, Srinivas Vivek. Limits of a conjecture on a leakage-resilient cryptosystem. Information Processing Letters, Elsevier, 2014, 114 (4), pp.192-196. ⟨http://www.sciencedirect.com/science/article/pii/S0020019013002949⟩. ⟨10.1016/j.ipl.2013.11.014⟩. ⟨hal-00933429⟩
