TY - GEN
T1 - Signature schemes secure against hard-to-invert leakage
AU - Faust, Sebastian
AU - Hazay, Carmit
AU - Nielsen, Jesper Buus
AU - Nordholt, Peter Sebastian
AU - Zottarel, Angela
PY - 2012
Y1 - 2012
N2 - In the auxiliary input model an adversary is allowed to see a computationally hard-to-invert function of the secret key. The auxiliary input model weakens the bounded leakage assumption commonly made in leakage resilient cryptography as the hard-to-invert function may information-theoretically reveal the entire secret key. In this work, we propose the first constructions of digital signature schemes that are secure in the auxiliary input model. Our main contribution is a digital signature scheme that is secure against chosen message attacks when given an exponentially hard-to-invert function of the secret key. As a second contribution, we construct a signature scheme that achieves security for random messages assuming that the adversary is given a polynomialtime hard to invert function. Here, polynomial-hardness is required even when given the entire public-key - so called weak auxiliary input security. We show that such signature schemes readily give us auxiliary input secure identification schemes.
AB - In the auxiliary input model an adversary is allowed to see a computationally hard-to-invert function of the secret key. The auxiliary input model weakens the bounded leakage assumption commonly made in leakage resilient cryptography as the hard-to-invert function may information-theoretically reveal the entire secret key. In this work, we propose the first constructions of digital signature schemes that are secure in the auxiliary input model. Our main contribution is a digital signature scheme that is secure against chosen message attacks when given an exponentially hard-to-invert function of the secret key. As a second contribution, we construct a signature scheme that achieves security for random messages assuming that the adversary is given a polynomialtime hard to invert function. Here, polynomial-hardness is required even when given the entire public-key - so called weak auxiliary input security. We show that such signature schemes readily give us auxiliary input secure identification schemes.
UR - http://www.scopus.com/inward/record.url?scp=84871587528&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-34961-4_8
DO - 10.1007/978-3-642-34961-4_8
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84871587528
SN - 9783642349607
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 98
EP - 115
BT - Advances in Cryptology, ASIACRYPT 2012 - 18th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings
T2 - 18th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2012
Y2 - 2 December 2012 through 6 December 2012
ER -