Paper 2013/292
A Leakage Resilient MAC
Daniel P. Martin, Elisabeth Oswald, Martijn Stam, and Marcin Wojcik
Abstract
We put forward the first practical message authentication code (MAC) which is provably secure against continuous leakage under the Only Computation Leaks Information (OCLI) assumption. Within the context of continuous leakage, we introduce a novel modular proof technique: while most previous schemes are proven secure directly in the face of leakage, we reduce the (leakage) security of our scheme to its non-leakage security. This modularity, while known in other contexts, has two advantages: it makes it clearer which parts of the proof rely on which assumptions (i.e. whether a given assumption is needed for the leakage or the non- leakage security) and it also means that, if the security of the non-leakage version is improved, the security in the face of leakage is improved ‘for free’. We conclude the paper by discussing implementations; one on a popular core for embedded systems (the ARM Cortex-M4) and one on a high end processor (Intel i7), and investigate some performance and security aspects.
Note: Added results after implementing the scheme
Metadata
- Available format(s)
-
PDF
- Publication info
- Published elsewhere. Minor revision. 15th International Conference on Cryptography and Coding
- Keywords
- Leakage ResilienceMessage Authentication CodeProvable SecuritySide ChannelsImple- mentation
- Contact author(s)
- Elisabeth Oswald @ bristol ac uk
- History
- 2015-09-09: last of 3 revisions
- 2013-05-23: received
- See all versions
- Short URL
- https://ia.cr/2013/292
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2013/292,
author = {Daniel P. Martin and Elisabeth Oswald and Martijn Stam and Marcin Wojcik},
title = {A Leakage Resilient {MAC}},
howpublished = {Cryptology {ePrint} Archive, Paper 2013/292},
year = {2013},
url = {https://eprint.iacr.org/2013/292}
}
