Paper 2014/517

On the Connection between Leakage Tolerance and Adaptive Security

Jesper Buus Nielsen, Daniele Venturi, and Angela Zottarel

Abstract

We revisit the context of leakage-tolerant interactive protocols as defined by Bitansky, Canetti and Halevi (TCC 2012). Our contributions can be summarized as follows:

- For the purpose of secure message transmission, any encryption protocol with message space $\mathcal{M}$ and secret key space $\mathcal{SK}$ tolerating poly-logarithmic leakage on the secret state of the receiver must satisfy $|\mathcal{SK}| \ge (1-\epsilon)|\mathcal{M}|$, for every $0 < \epsilon \le 1$, and if $|\mathcal{SK}| = |\mathcal{M}|$, then the scheme must use a fresh key pair to encrypt each message.
- More generally, we show that any $n$ party protocol tolerates leakage of $\approx \mathrm{poly}(\log\spar)$ bits from one party at the end of the protocol execution, if and only if the protocol has passive adaptive security against an adaptive corruption of one party at the end of the protocol execution. This shows that as soon as a little leakage is tolerated, one needs full adaptive security.

All our results can be based on the sole assumption that collision-resistant function ensembles exist.

Note: Slightly revised version. Updated bibliography.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in PKC 2013
Keywords
leakage resilience, adaptive security
Contact author(s)
jbn @ cs au dk
History
2015-03-12: last of 2 revisions
2014-07-02: received
Short URL
https://ia.cr/2014/517
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/517,
      author = {Jesper Buus Nielsen and Daniele Venturi and Angela Zottarel},
      title = {On the Connection between Leakage Tolerance and Adaptive Security},
      howpublished = {Cryptology ePrint Archive, Paper 2014/517},
      year = {2014},
      note = {\url{https://eprint.iacr.org/2014/517}},
      url = {https://eprint.iacr.org/2014/517}
}