Paper 2015/857

Unifying Leakage Classes: Simulatable Leakage and Pseudoentropy

Benjamin Fuller and Ariel Hamlin

Abstract

Leakage-resilient cryptography builds systems that withstand partial adversary knowledge of secret state. Ideally, leakage-resilient systems withstand current and future attacks; restoring confidence in the security of implemented cryptographic systems. Understanding the relation between classes of leakage functions is an important aspect. In this work, we consider the memory leakage model, where the leakage class contains functions over the system's entire secret state. Standard classes include functions with bounded output length, functions that retain (pseudo)~entropy in the secret, and functions that leave the secret computationally unpredictable. Standaert, Pereira, and Yu (Crypto, 2013) introduced a new class of leakage functions they call simulatable leakage. A leakage function is simulatable if a simulator can produce indistinguishable leakage without access to the true secret state. We extend their notion to general applications and consider two versions. For weak simulatability: the simulated leakage must be indistinguishable from the true leakage in the presence of public information. For strong simulatability, this requirement must also hold when the distinguisher has access to the true secret state. We show the following: * Weakly simulatable functions retain computational unpredictability. * Strongly simulatability functions retain pseudoentropy. * There are bounded length functions that are not weakly simulatable. * There are weakly simulatable functions that remove pseudoentropy. * There are leakage functions that retain computational unpredictability are not weakly simulatable.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Minor revision. ICITS 2015
DOI
10.1007/978-3-319-17470-9_5
Keywords
leakage-resilient cryptographyinformation-theorypseudoentropyHILL entropyunpredictability
Contact author(s)
bfuller @ cs bu edu
History
2015-09-06: received
Short URL
https://ia.cr/2015/857
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/857,
      author = {Benjamin Fuller and Ariel Hamlin},
      title = {Unifying Leakage Classes: Simulatable Leakage and Pseudoentropy},
      howpublished = {Cryptology ePrint Archive, Paper 2015/857},
      year = {2015},
      doi = {10.1007/978-3-319-17470-9_5},
      note = {\url{https://eprint.iacr.org/2015/857}},
      url = {https://eprint.iacr.org/2015/857}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.