Continuous Leakage Resilient Lossy Trapdoor Functions

Abstract Lossy trapdoor functions (LTFs), introduced by Peikert and Waters (STOC’08), have already been found to be a very useful tool in constructing complex cryptographic primitives in a black-box manner, such as one-way trapdoor functions, deterministic public-key encryption, CCA-secure public-key encryption, etc. Due to the existence of the side-channel attack, the leakage of trapdoor information in lossy trapdoor function systems can lead to the impossibility of provable security. Recently, Zhang et al. introduced a model of consecutive and continual leakage-resilient and updatable lossy trapdoor functions (ULTFs) and provided a concrete construction to achieve the security. Meanwhile, they proposed a consecutive and continual leakage-resilient public-key encryption scheme. However, in this paper, we demonstrate that the correctness of injective function can not be satisfied. Furthermore, the attacker can easily distinguish the evaluation key of ULTFs generated by the challenger according to the security model. Finally, we show two new constructions based on the continual leakage-resilient public-key encryption scheme of Brakerski et al. (FOCS 2010) and demonstrate the security of our scheme in the consecutive and continual leakage model.

Download Full-text

Shrinking the Keys of Discrete-Log-Type Lossy Trapdoor Functions

Applied Cryptography and Network Security - Lecture Notes in Computer Science ◽

10.1007/978-3-642-13708-2_3 ◽

2010 ◽

pp. 35-52 ◽

Cited By ~ 17

Author(s):

Xavier Boyen ◽

Brent Waters

Keyword(s):

Trapdoor Functions ◽

Lossy Trapdoor Functions

Download Full-text

Efficient Lossy Trapdoor Functions Based on Subgroup Membership Assumptions

Cryptology and Network Security - Lecture Notes in Computer Science ◽

10.1007/978-3-319-02937-5_13 ◽

2013 ◽

pp. 235-250 ◽

Cited By ~ 7

Author(s):

Haiyang Xue ◽

Bao Li ◽

Xianhui Lu ◽

Dingding Jia ◽

Yamin Liu

Keyword(s):

Trapdoor Functions ◽

Lossy Trapdoor Functions

Download Full-text

Inner-Product Lossy Trapdoor Functions and Applications

Applied Cryptography and Network Security - Lecture Notes in Computer Science ◽

10.1007/978-3-642-31284-7_12 ◽

2012 ◽

pp. 188-205

Author(s):

Xiang Xie ◽

Rui Xue ◽

Rui Zhang

Keyword(s):

Inner Product ◽

Trapdoor Functions ◽

Lossy Trapdoor Functions

Download Full-text

CCA Secure Public Key Encryption against After-the-Fact Leakage without NIZK Proofs

Security and Communication Networks ◽

10.1155/2019/8357241 ◽

2019 ◽

Vol 2019 ◽

pp. 1-8

Author(s):

Yi Zhao ◽

Kaitai Liang ◽

Bo Yang ◽

Liqun Chen

Keyword(s):

State Model ◽

Encryption Algorithm ◽

Public Key ◽

Public Key Encryption ◽

Split State ◽

Leakage Resilient ◽

Traditional Sense ◽

Definition Of ◽

Lossy Trapdoor Functions ◽

Chosen Ciphertext Attack

In leakage resilient cryptography, there is a seemingly inherent restraint on the ability of the adversary that it cannot get access to the leakage oracle after the challenge. Recently, a series of works made a breakthrough to consider a postchallenge leakage. They presented achievable public key encryption (PKE) schemes which are semantically secure against after-the-fact leakage in the split-state model. This model puts a more acceptable constraint on adversary’s ability that the adversary cannot query the leakage of secret states as a whole but the functions of several parts separately instead of prechallenge query only. To obtain security against chosen ciphertext attack (CCA) for PKE schemes against after-the-fact leakage attack (AFL), existing works followed the paradigm of “double encryption” which needs noninteractive zero knowledge (NIZK) proofs in the encryption algorithm. We present an alternative way to achieve AFL-CCA security via lossy trapdoor functions (LTFs) without NIZK proofs. First, we formalize the definition of LTFs secure against AFL (AFLR-LTFs) and all-but-one variants (ABO). Then, we show how to realize this primitive in the split-state model. This primitive can be used to construct AFLR-CCA secure PKE scheme in the same way as the method of “CCA from LTFs” in traditional sense.

Download Full-text