TY - GEN

T1 - Signature Schemes Secure against Hard-to-Invert Leakage

AU - Faust, Sebastian

AU - Hazay, C.

AU - Nielsen, Jesper Buus

AU - Nordholt, Peter Sebastian

AU - Zottarel, Angela

N1 - Place of conference:China

PY - 2012

Y1 - 2012

N2 - Side-channel attacks allow the adversary to gain partial knowledge of the secret key when cryptographic protocols are implemented in real-world hardware. The goal of leakage resilient cryptography is to design cryptosystems that withstand such attacks. In the auxiliary input model, an adversary is allowed to see a computationally hard-to-invert function of the secret key. The auxiliary input model weakens the bounded leakage assumption commonly made in leakage resilient cryptography as the hard-to-invert function may information-theoretically reveal the entire secret key. In this work, we propose the first constructions of digital signature schemes that are secure in the auxiliary input model. Our main contribution is a digital signature scheme that is secure against chosen message attacks when given any exponentially hard-to-invert function of the secret key. As a second contribution, we construct a signature scheme that achieves security for random messages assuming that the adversary is given a polynomial-time hard-to-invert function (where both the challenge as well as the signatures seen prior to that are computed on random messages). Here, polynomial hardness is required even when given the entire public key. We further show that such signature schemes readily give us auxiliary input secure identification schemes.

AB - Side-channel attacks allow the adversary to gain partial knowledge of the secret key when cryptographic protocols are implemented in real-world hardware. The goal of leakage resilient cryptography is to design cryptosystems that withstand such attacks. In the auxiliary input model, an adversary is allowed to see a computationally hard-to-invert function of the secret key. The auxiliary input model weakens the bounded leakage assumption commonly made in leakage resilient cryptography as the hard-to-invert function may information-theoretically reveal the entire secret key. In this work, we propose the first constructions of digital signature schemes that are secure in the auxiliary input model. Our main contribution is a digital signature scheme that is secure against chosen message attacks when given any exponentially hard-to-invert function of the secret key. As a second contribution, we construct a signature scheme that achieves security for random messages assuming that the adversary is given a polynomial-time hard-to-invert function (where both the challenge as well as the signatures seen prior to that are computed on random messages). Here, polynomial hardness is required even when given the entire public key. We further show that such signature schemes readily give us auxiliary input secure identification schemes.

UR - https://scholar.google.co.il/scholar?q=Signature+Schemes+Secure+against+Hard-to-Invert+Leakage&btnG=&hl=en&as_sdt=0%2C5

M3 - Conference contribution

BT - ASIACRYPT

ER -