How to Leak on Key Updates
Speaker: Allison Lewko , University of Texas at Austin
Date: December 3 2010
Time: 10:30AM to 12:00PM
Location: 32-G449 Patil/Kiva
Host: Shafi Goldwasser, CSAIL, MIT
Contact: Be Blackburn , 3-6098, imbe@mit.edu
Relevant URL: In the continual memory leakage model, security against attackers who
can repeatedly obtain leakage is achieved by periodically updating the
secret key. This is an appealing model which captures a wide class of
side-channel attacks, but all previous constructions in this model
provide only a very minimal amount of leakage tolerance during secret
key updates. Since key updates may happen frequently, improving
security guarantees against attackers who obtain leakage during these
updates is an important problem.
In this talk, we will discuss the particular challenges faced in
tolerating leakage during updates and introduce new techniques for
overcoming these obstacles. We present the first cryptographic
primitives which are secure against a super-logarithmic amount of
leakage during secret key updates: we provide signature and public key
encryption schemes in the standard model which can tolerate a constant
fraction of the secret key and update randomness to be leaked during
updates.
Our signature scheme also allows us to leak a constant fraction of the
entire secret state during signing. Before this work, it was unknown
how to tolerate super-logarithmic leakage during updates even in the
random oracle model. We rely on subgroup decision assumptions in
composite order bilinear groups.
Joint work with Mark Lewko and Brent Waters
See other events that are part of CIS Seminars 2010/2011
See other events happening in December 2010
