Design And Analysis Of Attribute-Based Encryption Against Side-Channel Attacks

Traditional cryptography is based on an ideal assumption that the adversary cannot obtain any information about the key and the internal state of the system.However,the study of side-channel attack shows that this idealized assumption does not hold in real life.Through side channel attacks,the adversary can obtain key information by using some physical nature of the cryptographic operation,such as time,power,radiation,and so on.Therefore,the key leakage problem has become one of the major threats to information security.It is extremely difficult to avoid such attacks by improving the performance of physical devices,and leakage-resilient cryptography provides an effective method to solve such problem.Leakage-resilient cryptography can still guarantee the security of the cryptology scheme while allowing the key leakage.This thesis studies the leakage-resilient attribute-based encryption,which involves efficiency improvement,the design of CCA security and extended application research.The main works are as follows:1.The leakage-resilient attribute-based encryption scheme with CCA2 security is constructed.Most of the existing leakage-resilient cryptography schemes only achieve CPA security.In this paper,a CPA secure leakage-resilient attribute-based encryption scheme is constructed under the relative leakage model.Based on this scheme,a CCA secure leakage-resilient attribute-based encryption scheme is constructed under the standard model.The scheme can tolerate log p-?(log ?)bit leakage,where ? is the security parameter and p is the order of the group,and the leakage parameter is independent of the message length.In addition,the private key of this scheme is constant and it also achieves anonymity.2.The leakage-resilient attribute-based broadcast encryption with constant size ciphertext is constructed under the continual auxiliary model.The computational complexity of decryption only depends on the number of receivers rather than the maximum number of receivers in the system.This scheme achieves adaptive security under the standard model based on the general subgroup decisional assumption.In addition,this scheme allows both the leakage of the master secret key and the private key.The performance analyses show that the proposed scheme is efficient and practical.