---
res:
bibo_abstract:
- Blinding is a popular and well-known countermeasure to protect public-key cryptosystems
against side-channel attacks. The high level idea is to randomize an exponentiation
in order to prevent multiple measurements of the same operation on different data,
as such measurements might allow the adversary to learn the secret exponent. Several
variants of blinding have been proposed in the literature, using additive or multiplicative
secret-sharing to blind either the base or the exponent. These countermeasures
usually aim at preventing particular side-channel attacks (mostly power analysis)
and come without any formal security guarantee. In this work we investigate to
which extend blinding can provide provable security against a general class of
side-channel attacks. Surprisingly, it turns out that in the context of public-key
encryption some blinding techniques are more suited than others. In particular,
we consider a multiplicatively blinded version of ElGamal public-key encryption
where - we prove that the scheme, instantiated over bilinear groups of prime order
p (where p - 1 is not smooth) is leakage resilient in the generic-group model.
Here we consider the model of chosen-ciphertext security in the presence of continuous
leakage, i.e., the scheme remains chosen-ciphertext secure even if with every
decryption query the adversary can learn a bounded amount (roughly log(p)/2 bits)
of arbitrary, adversarially chosen information about the computation. - we conjecture
that the scheme, instantiated over arbitrary groups of prime order p (where p
- 1 is not smooth) is leakage resilient. Previous to this work no encryption scheme
secure against continuous leakage was known. Constructing a scheme that can be
proven secure in the standard model remains an interesting open problem. @eng
bibo_authorlist:
- foaf_Person:
foaf_givenName: Eike
foaf_name: Kiltz, Eike
foaf_surname: Kiltz
- foaf_Person:
foaf_givenName: Krzysztof Z
foaf_name: Krzysztof Pietrzak
foaf_surname: Pietrzak
foaf_workInfoHomepage: http://www.librecat.org/personId=3E04A7AA-F248-11E8-B48F-1D18A9856A87
bibo_doi: 10.1007/978-3-642-17373-8_34
bibo_volume: 6477
dct_date: 2010^xs_gYear
dct_publisher: Springer@
dct_title: Leakage resilient ElGamal encryption@
...