Paper 2011/204

Leakage Tolerant Interactive Protocols

Nir Bitansky, Ran Canetti, and Shai Halevi


We put forth a framework for expressing security requirements from interactive protocols in the presence of arbitrary leakage. This allows capturing different levels of leakage tolerance of protocols, namely the preservation (or degradation) of security, under coordinated attacks that include various forms of leakage from the secret states of participating components. The framework extends the universally composable (UC) security framework. We also prove a variant of the UC theorem, that enables modular design and analysis of protocols even in face of general, non-modular leakage. We then construct leakage tolerant protocols for basic tasks, such as, secure message transmission, message authentication, commitment, oblivious transfer and zero knowledge. A central component in several of our constructions is the observation that resilience to adaptive party corruptions (in some strong sense) implies leakage-tolerance in an essentially optimal way.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
nirbitan @ tau ac il
2011-04-28: revised
2011-04-25: received
See all versions
Short URL
Creative Commons Attribution


      author = {Nir Bitansky and Ran Canetti and Shai Halevi},
      title = {Leakage Tolerant Interactive Protocols},
      howpublished = {Cryptology ePrint Archive, Paper 2011/204},
      year = {2011},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.