efficient public key cryptosystem resilient to key leakage chosen ciphertext attacks

ISCAS OpenIR

	efficient public key cryptosystem resilient to key leakage chosen ciphertext attacks
	Liu Shengli; Weng Jian; Zhao Yunlei
	2013
会议名称	Cryptographers' Track at the RSA Conference 2013, CT-RSA 2013
会议录名称	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
页码	84-100
会议日期	February 25, 2013 - March 1, 2013
会议地点	San Francisco, CA, United states
收录类别	EI
ISSN	0302-9743
ISBN	9783642360947
部门归属	(1) Dept. of Computer Science and Engineering Shanghai Jiao Tong University Shanghai 200240 China; (2) Department of Computer Science Emergency Technology Research Center of Risk Evaluation and Prewarning on Public Network Security Jinan University China; (3) Software School Fudan University Shanghai 201203 China; (4) State Key Laboratory of Information Security Institute of Information Engineering Chinese Academy of Sciences Beijing 100093 China; (5) Shanghai Key Laboratory of Scalable Computing and Systems Shanghai China
摘要	Leakage-resilient public key encryption (PKE) schemes are designed to resist "memory attacks", i.e., the adversary recovers the cryptographic key in the memory adaptively, but subject to constraint that the total amount of leaked information about the key is bounded by some parameter λ. Among all the IND-CCA2 leakage-resilient PKE proposals, the leakage-resilient version of the Cramer-Shoup cryptosystem (CS-PKE), referred to as the KL-CS-PKE scheme proposed by Naor and Segev in Crypto09, is the most practical one. But, the key leakage parameter λ and plaintext length m of KL-CS-PKE are subject to λ + m &le log q - ω(log κ), where κ is security parameter and q is the prime order of the group on which the scheme is based. Such a dependence between λ and m is undesirable. For example, when λ (resp., m) approaches to log q, m (resp., λ) approaches to 0. In this paper, we designed a new variant of CS-PKE that is resilient to key leakage chosen ciphertext attacks. Our proposal is λ &le log q - ω(log κ) leakage-resilient, and the leakage parameter λ is independent of the plaintext space that has the constant size q (exactly the same as that in CS-PKE). The performance of our proposal is almost as efficient as the original CS-PKE. As far as we know, this is the first leakage-resilient CS-type cryptosystem whose plaintext length is independent of the key leakage parameter, and is also the most efficient IND-CCA2 PKE scheme resilient to up to log q - ω(log κ) leakage. © 2013 Springer-Verlag.; Leakage-resilient public key encryption (PKE) schemes are designed to resist "memory attacks", i.e., the adversary recovers the cryptographic key in the memory adaptively, but subject to constraint that the total amount of leaked information about the key is bounded by some parameter λ. Among all the IND-CCA2 leakage-resilient PKE proposals, the leakage-resilient version of the Cramer-Shoup cryptosystem (CS-PKE), referred to as the KL-CS-PKE scheme proposed by Naor and Segev in Crypto09, is the most practical one. But, the key leakage parameter λ and plaintext length m of KL-CS-PKE are subject to λ + m &le log q - ω(log κ), where κ is security parameter and q is the prime order of the group on which the scheme is based. Such a dependence between λ and m is undesirable. For example, when λ (resp., m) approaches to log q, m (resp., λ) approaches to 0. In this paper, we designed a new variant of CS-PKE that is resilient to key leakage chosen ciphertext attacks. Our proposal is λ &le log q - ω(log κ) leakage-resilient, and the leakage parameter λ is independent of the plaintext space that has the constant size q (exactly the same as that in CS-PKE). The performance of our proposal is almost as efficient as the original CS-PKE. As far as we know, this is the first leakage-resilient CS-type cryptosystem whose plaintext length is independent of the key leakage parameter, and is also the most efficient IND-CCA2 PKE scheme resilient to up to log q - ω(log κ) leakage. © 2013 Springer-Verlag.
关键词	Artificial Intelligence
语种	英语
内容类型	会议论文
URI标识	http://ir.iscas.ac.cn/handle/311060/15904
专题	中国科学院软件研究所
推荐引用方式 GB/T 7714	Liu Shengli,Weng Jian,Zhao Yunlei. efficient public key cryptosystem resilient to key leakage chosen ciphertext attacks[C],2013:84-100.