Leakage-resilient encryption is a powerful tool to protect data confidentiality against side channel attacks. In this work, we introduce a new and strong leakage setting to counter backdoor (or Trojan horse) plus covert channel attack, by relaxing the restrictions on leakage. We allow bounded leakage at anytime and anywhere and over anything. Our leakage threshold (e.g., 10,000 bits) could be much larger than typical secret key (e.g., AES key or RSA private key) size. Under such a strong leakage setting, we propose an efficient encryption scheme which is semantic secure in standard setting (i.e., without leakage) and can tolerate strong continuous leakage.We manage to construct such a secure scheme under strong leakage setting, by hiding partial (e.g., \(1\%\)) ciphertext as secure as we hide the secret key using a small amount of more secure hardware resource, so that it is almost equally difficult for any adversary to steal information regarding this well-protected partial ciphertext or the secret key. We remark that the size of such well-protected small portion of ciphertext is chosen to be much larger than the leakage threshold. We provide concrete and practical examples of such more secure hardware resource for data communication and data storage. Furthermore, we also introduce a new notion of computational entropy, as a sort of computational version of Kolmogorov complexity. Our quantitative analysis shows that, hiding partial ciphertext is a powerful countermeasure, which enables us to achieve higher security level than existing approaches in case of backdoor plus covert channel attacks. We also show the relationship between our new notion of computational entropy and existing relevant concepts, including Shannon entropy, Yao entropy, Hill entropy, all-or-nothing Transform, and exposure-resilient function. This new computation entropy formulation may have independent interests.

防泄漏加密是保护数据机密性免受侧通道攻击的强大工具。在这项工作中，我们通过放宽对泄漏的限制，为反后门（或特洛伊木马）加上隐蔽的通道攻击引入了一种新的强大的泄漏设置。我们允许在任何时间，任何地点，任何地方进行有界泄漏。我们的泄漏阈值（例如10,000位）可能比典型的秘密密钥（例如AES密钥或RSA私钥）大得多。在这种强泄漏设置下，我们提出了一种有效的加密方案，该方案在标准设置下（即无泄漏）在语义上是安全的，并且可以承受强连续泄漏。我们设法通过隐藏部分（例如\（1 \％\）密文一样安全，就像我们使用少量更安全的硬件资源隐藏秘密密钥一样，因此任何对手几乎都很难窃取有关此受保护的部分密文或秘密信息的信息。我们注意到，这种密文保护良好的小部分的大小选择为比泄漏阈值大得多。我们提供了这种更安全的硬件资源进行数据通信和数据存储的具体和实际示例。此外，我们还引入了计算熵的新概念，作为Kolmogorov复杂度的一种计算形式。我们的定量分析表明，隐藏部分密文是一种有力的对策，在后门加上隐蔽通道攻击的情况下，这使我们能够比现有方法实现更高的安全级别。我们还展示了我们的计算熵新概念与现有相关概念之间的关系，其中包括香农熵，姚熵，希尔熵，全有或全无变换以及曝光弹性函数。这种新的计算熵公式可能具有独立的利益。