## Cryptology ePrint Archive: Report 2016/173

Circuit Compilers with O(1/ log(n)) Leakage Rate

Marcin Andrychowicz and Stefan Dziembowski and and Sebastian Faust

Abstract: The goal of leakage-resilient cryptography is to construct cryptographic algorithms that are secure even if the devices on which they are implemented leak information to the adversary. One of the main parameters for designing leakage resilient constructions is the leakage \emph{rate}, i.e., a proportion between the amount of leaked information and the complexity of the computation carried out by the construction. We focus on the so-called circuit compilers, which is an important tool for transforming any cryptographic algorithm (represented as a circuit) into one that is secure against the leakage attack. Our model is the probing attack'' where the adversary learns the values on some (chosen by him) wires of the circuit. Our results can be summarized as follows. First, we construct circuit compilers with perfect security and leakage rate $O(1/\log(n))$, where $n$ denotes the security parameter (previously known constructions achieved rate $O(1/n)$). Moreover, for the circuits that have only affine gates we obtain a construction with a constant leakage rate. In particular, our techniques can be used to obtain constant-rate leakage-resilient schemes for refreshing an encoded secret (previously known schemes could tolerate leakage rates $O(1/n)$). We also show that our main construction is secure against constant-rate leakage in the random probing leakage model, where the leaking wires are chosen randomly.

Category / Keywords: foundations / leakage resilience, masking

Original Publication (in the same form): IACR-EUROCRYPT-2016