### Signature Schemes with Bounded Leakage Resilience

Jonathan Katz

##### Abstract

A leakage-resilient cryptosystem remains secure even if arbitrary, but bounded, information about the secret key (or possibly other internal state information) is leaked to an adversary. Denote the length of the secret key by $n$. We show a signature scheme tolerating (optimal) leakage of up to $n-n^\epsilon$ bits of information about the secret key, and a more efficient one-time signature scheme that tolerates leakage of $(\frac{1}{4}-\epsilon) \cdot n$ bits of information about the signer's entire state. The latter construction extends to give a leakage-resilient $t$-time signature scheme. All these constructions are in the standard model under general assumptions.

Note: Replaces ePrint report 2009/133

Available format(s)
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
signaturesleakage resilience
Contact author(s)
jkatz @ cs umd edu
History
Short URL
https://ia.cr/2009/220

CC BY

BibTeX

@misc{cryptoeprint:2009/220,
author = {Jonathan Katz},
title = {Signature Schemes with Bounded Leakage Resilience},
howpublished = {Cryptology ePrint Archive, Paper 2009/220},
year = {2009},
note = {\url{https://eprint.iacr.org/2009/220}},
url = {https://eprint.iacr.org/2009/220}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.