Cryptology ePrint Archive: Report 2013/292

A Leakage Resilient MAC

Daniel P. Martin and Elisabeth Oswald and Martijn Stam and Marcin Wojcik

Abstract: We put forward the first practical message authentication code (MAC) which is provably secure against continuous leakage under the Only Computation Leaks Information (OCLI) assumption. Within the context of continuous leakage, we introduce a novel modular proof technique: while most previous schemes are proven secure directly in the face of leakage, we reduce the (leakage) security of our scheme to its non-leakage security. This modularity, while known in other contexts, has two advantages: it makes it clearer which parts of the proof rely on which assumptions (i.e. whether a given assumption is needed for the leakage or the non- leakage security) and it also means that, if the security of the non-leakage version is improved, the security in the face of leakage is improved ‘for free’. We conclude the paper by discussing implementations; one on a popular core for embedded systems (the ARM Cortex-M4) and one on a high end processor (Intel i7), and investigate some performance and security aspects.

Category / Keywords: Leakage Resilience, Message Authentication Code, Provable Security, Side Channels, Imple- mentation

Original Publication (with minor differences): 15th International Conference on Cryptography and Coding

Date: received 16 May 2013, last revised 9 Sep 2015

Contact author: Elisabeth Oswald at bristol ac uk

Available format(s): PDF | BibTeX Citation

Note: Added results after implementing the scheme

Version: 20150909:121957 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]