Paper 2010/404

On the Insecurity of Parallel Repetition for Leakage Resilience

Allison Lewko and Brent Waters


A fundamental question in leakage-resilient cryptography is: can leakage resilience always be amplified by parallel repetition? It is natural to expect that if we have a leakage-resilient primitive tolerating $\ell$ bits of leakage, we can take $n$ copies of it to form a system tolerating $n\ell$ bits of leakage. In this paper, we show that this is not always true. We construct a public key encryption system which is secure when at most $\ell$ bits are leaked, but if we take $n$ copies of the system and encrypt a share of the message under each using an $n$-out-of-$n$ secret-sharing scheme, leaking $n\ell$ bits renders the system insecure. Our results hold either in composite order bilinear groups under a variant of the subgroup decision assumption \emph{or} in prime order bilinear groups under the decisional linear assumption. We note that the $n$ copies of our public key systems share a common reference parameter.

Available format(s)
Publication info
Published elsewhere. this is a full version of a paper appearing in FOCS 2010
Contact author(s)
alewko @ cs utexas edu
2010-07-19: received
Short URL
Creative Commons Attribution


      author = {Allison Lewko and Brent Waters},
      title = {On the Insecurity of Parallel Repetition for Leakage Resilience},
      howpublished = {Cryptology ePrint Archive, Paper 2010/404},
      year = {2010},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.