Paper 2014/517

On the Connection between Leakage Tolerance and Adaptive Security

Jesper Buus Nielsen, Daniele Venturi, and Angela Zottarel

Abstract

We revisit the context of leakage-tolerant interactive protocols as defined by Bitansky, Canetti and Halevi (TCC 2012). Our contributions can be summarized as follows:

- For the purpose of secure message transmission, any encryption protocol with message space and secret key space tolerating poly-logarithmic leakage on the secret state of the receiver must satisfy , for every , and if , then the scheme must use a fresh key pair to encrypt each message.
- More generally, we show that any party protocol tolerates leakage of bits from one party at the end of the protocol execution, if and only if the protocol has passive adaptive security against an adaptive corruption of one party at the end of the protocol execution. This shows that as soon as a little leakage is tolerated, one needs full adaptive security.

All our results can be based on the only assumption that collision-resistant function ensembles exist.

Note: Slightly revised version. Updated bibliography.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in PKC 2013
Keywords
leakage resilience, adaptive security
Contact author(s)
jbn @ cs au dk
History
2015-03-12: last of 2 revisions
2014-07-02: received
Short URL
https://ia.cr/2014/517
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/517,
      author = {Jesper Buus Nielsen and Daniele Venturi and Angela Zottarel},
      title = {On the Connection between Leakage Tolerance and Adaptive Security},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/517},
      year = {2014},
      url = {https://eprint.iacr.org/2014/517}
}