Leakage resilient ElGamal encryption

Kiltz E, Pietrzak KZ. 2010. Leakage resilient ElGamal encryption. ASIACRYPT: Theory and Application of Cryptology and Information Security, LNCS, vol. 6477, 595–612.

Download
No fulltext has been uploaded. References only!

Conference Paper | Published
Author
Series Title
LNCS
Abstract
Blinding is a popular and well-known countermeasure to protect public-key cryptosystems against side-channel attacks. The high level idea is to randomize an exponentiation in order to prevent multiple measurements of the same operation on different data, as such measurements might allow the adversary to learn the secret exponent. Several variants of blinding have been proposed in the literature, using additive or multiplicative secret-sharing to blind either the base or the exponent. These countermeasures usually aim at preventing particular side-channel attacks (mostly power analysis) and come without any formal security guarantee. In this work we investigate to which extend blinding can provide provable security against a general class of side-channel attacks. Surprisingly, it turns out that in the context of public-key encryption some blinding techniques are more suited than others. In particular, we consider a multiplicatively blinded version of ElGamal public-key encryption where - we prove that the scheme, instantiated over bilinear groups of prime order p (where p - 1 is not smooth) is leakage resilient in the generic-group model. Here we consider the model of chosen-ciphertext security in the presence of continuous leakage, i.e., the scheme remains chosen-ciphertext secure even if with every decryption query the adversary can learn a bounded amount (roughly log(p)/2 bits) of arbitrary, adversarially chosen information about the computation. - we conjecture that the scheme, instantiated over arbitrary groups of prime order p (where p - 1 is not smooth) is leakage resilient. Previous to this work no encryption scheme secure against continuous leakage was known. Constructing a scheme that can be proven secure in the standard model remains an interesting open problem.
Publishing Year
Date Published
2010-01-14
Publisher
Springer
Volume
6477
Page
595 - 612
Conference
ASIACRYPT: Theory and Application of Cryptology and Information Security
IST-REx-ID

Cite this

Kiltz E, Pietrzak KZ. Leakage resilient ElGamal encryption. In: Vol 6477. Springer; 2010:595-612. doi:10.1007/978-3-642-17373-8_34
Kiltz, E., & Pietrzak, K. Z. (2010). Leakage resilient ElGamal encryption (Vol. 6477, pp. 595–612). Presented at the ASIACRYPT: Theory and Application of Cryptology and Information Security, Springer. https://doi.org/10.1007/978-3-642-17373-8_34
Kiltz, Eike, and Krzysztof Z Pietrzak. “Leakage Resilient ElGamal Encryption,” 6477:595–612. Springer, 2010. https://doi.org/10.1007/978-3-642-17373-8_34.
E. Kiltz and K. Z. Pietrzak, “Leakage resilient ElGamal encryption,” presented at the ASIACRYPT: Theory and Application of Cryptology and Information Security, 2010, vol. 6477, pp. 595–612.
Kiltz E, Pietrzak KZ. 2010. Leakage resilient ElGamal encryption. ASIACRYPT: Theory and Application of Cryptology and Information Security, LNCS, vol. 6477, 595–612.
Kiltz, Eike, and Krzysztof Z. Pietrzak. Leakage Resilient ElGamal Encryption. Vol. 6477, Springer, 2010, pp. 595–612, doi:10.1007/978-3-642-17373-8_34.

Export

Marked Publications

Open Data ISTA Research Explorer

Search this title in

Google Scholar