{"conference":{"name":"TCC: Theory of Cryptography Conference"},"date_created":"2018-12-11T12:02:11Z","title":"Parallel repetition for leakage resilience amplification revisited","publisher":"Springer","date_updated":"2021-01-12T07:42:00Z","month":"01","publication_status":"published","alternative_title":["LNCS"],"day":"01","page":"58 - 69","status":"public","doi":"10.1007/978-3-642-19571-6_5","volume":"6597 ","quality_controlled":0,"year":"2011","extern":1,"date_published":"2011-01-01T00:00:00Z","abstract":[{"lang":"eng","text":"If a cryptographic primitive remains secure even if ℓ bits about the secret key are leaked to the adversary, one would expect that at least one of n independent instantiations of the scheme remains secure given n·ℓ bits of leakage. This intuition has been proven true for schemes satisfying some special information-theoretic properties by Alwen et al. [Eurocrypt'10]. On the negative side, Lewko and Waters [FOCS'10] construct a CPA secure public-key encryption scheme for which this intuition fails. The counterexample of Lewko and Waters leaves open the interesting possibility that for any scheme there exists a constant c>0, such that n fold repetition remains secure against c·n·ℓ bits of leakage. Furthermore, their counterexample requires the n copies of the encryption scheme to share a common reference parameter, leaving open the possibility that the intuition is true for all schemes without common setup. In this work we give a stronger counterexample ruling out these possibilities. We construct a signature scheme such that: 1. a single instantiation remains secure given ℓ = log(k) bits of leakage where k is a security parameter. 2. any polynomial number of independent instantiations can be broken (in the strongest sense of key-recovery) given ℓ′ = poly(k) bits of leakage. Note that ℓ does not depend on the number of instances. The computational assumption underlying our counterexample is that non-interactive computationally sound proofs exist. Moreover, under a stronger (non-standard) assumption about such proofs, our counterexample does not require a common reference parameter. The underlying idea of our counterexample is rather generic and can be applied to other primitives like encryption schemes. © 2011 International Association for Cryptologic Research."}],"author":[{"full_name":"Jain, Abhishek","last_name":"Jain","first_name":"Abhishek"},{"last_name":"Pietrzak","full_name":"Krzysztof Pietrzak","first_name":"Krzysztof Z","orcid":"0000-0002-9139-1654","id":"3E04A7AA-F248-11E8-B48F-1D18A9856A87"}],"citation":{"mla":"Jain, Abhishek, and Krzysztof Z. Pietrzak. Parallel Repetition for Leakage Resilience Amplification Revisited. Vol. 6597, Springer, 2011, pp. 58–69, doi:10.1007/978-3-642-19571-6_5.","short":"A. Jain, K.Z. Pietrzak, in:, Springer, 2011, pp. 58–69.","ista":"Jain A, Pietrzak KZ. 2011. Parallel repetition for leakage resilience amplification revisited. TCC: Theory of Cryptography Conference, LNCS, vol. 6597, 58–69.","ieee":"A. Jain and K. Z. Pietrzak, “Parallel repetition for leakage resilience amplification revisited,” presented at the TCC: Theory of Cryptography Conference, 2011, vol. 6597, pp. 58–69.","ama":"Jain A, Pietrzak KZ. Parallel repetition for leakage resilience amplification revisited. In: Vol 6597. Springer; 2011:58-69. doi:10.1007/978-3-642-19571-6_5","chicago":"Jain, Abhishek, and Krzysztof Z Pietrzak. “Parallel Repetition for Leakage Resilience Amplification Revisited,” 6597:58–69. Springer, 2011. https://doi.org/10.1007/978-3-642-19571-6_5.","apa":"Jain, A., & Pietrzak, K. Z. (2011). Parallel repetition for leakage resilience amplification revisited (Vol. 6597, pp. 58–69). Presented at the TCC: Theory of Cryptography Conference, Springer. https://doi.org/10.1007/978-3-642-19571-6_5"},"publist_id":"3443","_id":"3236","type":"conference"}