Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model

Leakage-Resilient Inner-Product Functional Encryption in the Bounded-Retrieval Model

Information and Communications Security - Lecture Notes in Computer Science ◽

10.1007/978-3-030-61078-4_32 ◽

2020 ◽

pp. 565-587

Author(s):

Linru Zhang ◽

Xiangning Wang ◽

Yuechen Chen ◽

Siu-Ming Yiu

Keyword(s):

Inner Product ◽

Retrieval Model ◽

Functional Encryption ◽

Leakage Resilient ◽

Bounded Retrieval Model

Download Full-text

Fully leakage-resilient signatures revisited: Graceful degradation, noisy leakage, and construction in the bounded-retrieval model

Theoretical Computer Science ◽

10.1016/j.tcs.2016.11.016 ◽

2017 ◽

Vol 660 ◽

pp. 23-56 ◽

Cited By ~ 6

Author(s):

Antonio Faonio ◽

Jesper Buus Nielsen ◽

Daniele Venturi

Keyword(s):

Retrieval Model ◽

Graceful Degradation ◽

Leakage Resilient ◽

Bounded Retrieval Model

Download Full-text

Leakage-Resilient Identity-Based Encryption in Bounded Retrieval Model with Nearly Optimal Leakage-Ratio

Public-Key Cryptography – PKC 2019 - Lecture Notes in Computer Science ◽

10.1007/978-3-030-17253-4_16 ◽

2019 ◽

pp. 466-495 ◽

Cited By ~ 3

Author(s):

Ryo Nishimaki ◽

Takashi Yamakawa

Keyword(s):

Retrieval Model ◽

Identity Based Encryption ◽

Leakage Resilient ◽

Identity Based ◽

Bounded Retrieval Model

Download Full-text

Public-Key Encryption in the Bounded-Retrieval Model

Advances in Cryptology – EUROCRYPT 2010 - Lecture Notes in Computer Science ◽

10.1007/978-3-642-13190-5_6 ◽

2010 ◽

pp. 113-134 ◽

Cited By ~ 101

Author(s):

Joël Alwen ◽

Yevgeniy Dodis ◽

Moni Naor ◽

Gil Segev ◽

Shabsi Walfish ◽

...

Keyword(s):

Public Key ◽

Public Key Encryption ◽

Retrieval Model ◽

Bounded Retrieval Model

Download Full-text

Fully Leakage-Resilient Non-malleable Identification Schemes in the Bounded-Retrieval Model

Advances in Information and Computer Security - Lecture Notes in Computer Science ◽

10.1007/978-3-319-22425-1_10 ◽

2015 ◽

pp. 153-172

Author(s):

Tingting Zhang ◽

Hongda Li

Keyword(s):

Retrieval Model ◽

Identification Schemes ◽

Leakage Resilient ◽

Bounded Retrieval Model

Download Full-text

New approach to practical leakage-resilient public-key cryptography

Journal of Mathematical Cryptology ◽

10.1515/jmc-2019-0014 ◽

2020 ◽

Vol 14 (1) ◽

pp. 172-201

Author(s):

Suvradip Chakraborty ◽

Janaka Alawatugoda ◽

Chandrasekaran Pandu Rangan

Keyword(s):

Public Key Cryptography ◽

Key Exchange ◽

Leakage Rate ◽

Public Key ◽

Security Model ◽

New Approach ◽

Leakage Model ◽

Leakage Resilient ◽

Hardware Component ◽

Proof Techniques

AbstractWe present a new approach to construct several leakage-resilient cryptographic primitives, including leakage-resilient public-key encryption (PKE) schemes, authenticated key exchange (AKE) protocols and low-latency key exchange (LLKE) protocols. To this end, we introduce a new primitive called leakage-resilient non-interactive key exchange (LR-NIKE) protocol. We introduce an appropriate security model for LR-NIKE protocols in the bounded memory leakage (BML) settings. We then show a secure construction of the LR-NIKE protocol in the BML setting that achieves an optimal leakage rate, i.e., 1 – o(1). Our construction of LR-NIKE requires a minimal use of a leak-free hardware component. We argue that the use of such a leak-free hardware component seems to be unavoidable in any construction of an LR-NIKE protocol, even in the BML setting. Finally, we show how to construct the aforementioned leakage-resilient primitives from such an LR-NIKE protocol as summarized below. All these primitives also achieve the same (optimal) leakage rate as the underlying LR-NIKE protocol. We show how to construct a leakage-resilient (LR) IND-CCA-2-secure PKE scheme in the BML model generically from a bounded LR-NIKE (BLR-NIKE) protocol. Our construction of LR-IND-CCA-2 secure PKE differs significantly from the state-of-the-art constructions of these primitives, which mainly use hash proof techniques to achieve leakage resilience. Moreover, our transformation preserves the leakage-rate of the underlying BLR-NIKE protocol. We introduce a new leakage model for AKE protocols, in the BML setting, and present a leakage-resilient AKE protocol construction from the LR-NIKE protocol. We introduce the first-ever leakage model for LLKE protocols in the BML setting and the first construction of such a leakage-resilient LLKE from the LR-NIKE protocol.

Download Full-text

Leakage-Resilient Outsourced Revocable Certificateless Signature with a Cloud Revocation Server

Information Technology And Control ◽

10.5755/j01.itc.49.4.25927 ◽

2020 ◽

Vol 49 (4) ◽

pp. 464-481

Author(s):

Yuh–Min Tseng ◽

Jui-Di Wu ◽

Sen-Shan Huang ◽

Tung-Tso Tsai

Keyword(s):

Public Key Cryptography ◽

Public Key ◽

Side Channel ◽

Key Generation ◽

Side Channel Attacks ◽

Signature Schemes ◽

Certificateless Cryptography ◽

Secret Keys ◽

Leakage Resilient ◽

Certificateless Signature

Certificateless public-key system (CL-PKS) is a significant public-key cryptography and it solves both the key escrow and certificate management problems. Outsourced revocable certificateless public-key system (ORCL-PKS) with a cloud revocation server (CRS) not only provides a revocation mechanism, but also further outsources the revocation functionality to the CRS to reduce the computational burden of the key generation center (KGC). Recently, side-channel attacks have threatened some existing conventional cryptography (including CL-PKS). Indeed, adversaries can apply side-channel attacks to derive fractional constituents of private (or secret) keys to damage the security of these cryptographic protocols (or schemes). To withstand such attacks, leakage-resilient cryptography is an attractive approach. However, little research concerns with leakage-resilient certificateless cryptography. In this paper, the first leakage-resilient outsourced revocable certificateless signature (LR-ORCLS) scheme is presented. The proposed scheme allows adversaries to continually derive fractional constituents of private (or secret) keys and possesses overall unbounded leakage property. In the generic bilinear group (GBG) model, our scheme is shown to be existential unforgeable against adversaries. Finally, the comparisons between the proposed scheme and the previous revocable certificateless signature schemes are provided to demonstrate the merits of the proposed scheme.

Download Full-text

Analisis dan Implementasi Protokol Otentikasi FIDO U2F

Jurnal ULTIMA Computing ◽

10.31937/sk.v9i1.571 ◽

2017 ◽

Vol 9 (1) ◽

pp. 30-35

Author(s):

Sunderi Pranata ◽

Hargyo Tri Nugroho ◽

Hirofumi Yamaki

Keyword(s):

Public Key Cryptography ◽

Authentication Protocol ◽

Public Key ◽

Next Generation ◽

Index Terms ◽

Mitm Attack

It is known that password itself is not enough for formidable authentication method since it has a lot of vulnerabilities. Multi factor authentication (MFA) is introduced for the next generation for good authentication to address that issue. MFA combines two or more of three principles of good security, “something you know”, “something you have”, and “something you are”. Most MFA mechanisms work as one time passwords (OTP). However, they can still be vulnerable to phishing and MiTM attack. On top of that, OTP can be hard to use as it requires user to input another password given by the device (SMS, token, authenticator). Implemented in small USB U2F device, FIDO U2F delivers easier yet stronger security on authentication process which implements public key cryptography, challenge-response protocol, and phishing and MitM protection. Index Terms— Authentication protocol, FIDO U2F, Multi factor authentication, OTP

Download Full-text