On Theory Of Leakage Resilient Cryptography

Posted on: 2016-11-02
Degree: Master
Type: Thesis
Country: China
Candidate: Z X Yu
GTID: 2308330461984236
Subject: Computer Science and Technology

Abstract/Summary:
In traditional cryptography, the standard way of examining the security of a scheme is to analyze it in a black-box manner, where each legally involved party has its own local secrets and works like an interactive Turing machine. Additionally, adversaries in these models can only access the secrets in some restricted ways. However, this assumption may not always hold in reality, since the adversary can use unintended ways to obtain confidential information. One important class of such ways is called side channel attacks. Furthermore, it has turned out that many classical cryptographic systems that are believed to be secure in the black-box models are broken under these attacks.

Weak key-leakage attacks, first presented by Akavia, Goldwasser et al. (TCC'09), can be viewed as a non-adaptive version of key-leakage attacks. Since most key-leakage attacks in reality tend to be weak key-leakage attacks, weak key-leakage resilient schemes can provide proper security in some scenarios. We mainly consider models of weak key-leakage attacks and the corresponding constructions in this paper.

We extend the transformation paradigm presented by Naor and Segev, which transforms any chosen-plaintext secure public-key encryption (PKE) scheme into a chosen-plaintext weak key-leakage secure PKE scheme. Our extensions are two-fold. Firstly, we extend the paradigm to chosen-ciphertext attack scenarios and prove that its properties still hold in these scenarios. We also give an instantiation based on the DDH assumption in this setting. Additionally, we extend the paradigm to cover more side channel attacks by considering different types of leakage functions. We further consider attacks that require the secret key to still have enough min-entropy after the leakage, and prove that the original paradigm is still applicable in this case with chosen-ciphertext attacks. Attacks that require the secret key to be computationally infeasible to recover given the leakage information are taken into consideration as well, and we formalize the informal discussion by Naor and Segev (SIAM'12) on how to adapt the original paradigm to these new models.
Keywords/Search Tags:public-key encryption, leakage-resilience, chosen-ciphertext security, weak key-leakage attacks