Public-Key Encryption In The Standard Model Against Strong Leakage Adversary
The Computer Journal ( IF 1.5 ) Pub Date : 2020-06-03 , DOI: 10.1093/comjnl/bxaa055
Janaka Alawatugoda

Abstract
Over the years, security against adaptively chosen-ciphertext attacks (CCA2) has been considered the strongest security definition for public-key encryption schemes. With the rise of side-channel attacks, new security definitions have been proposed that address leakage of secret keys together with the standard CCA2 definition. Among these new definitions, security against continuous and after-the-fact leakage-resilient CCA2 can be considered the strongest; it is called security against (continuous) adaptively chosen-ciphertext leakage attacks (continuous CCLA2). In this paper, we present a construction of a public-key encryption scheme, namely LR-PKE, which satisfies the aforementioned security definition. The security of our public-key encryption scheme is proven in the standard model, under the decision BDH assumption. Thus, we emphasize that our public-key encryption scheme LR-PKE is (continuous) CCLA2-secure in the standard model. For our construction of LR-PKE, we have used a strong one-time signature scheme and a leakage-resilient refreshing protocol as underlying building blocks. The leakage bound is $0.15n\log p -1$ bits per leakage query, for a security parameter $k$ and a statistical security parameter $n$, such that $\log p \geq k$ and $n$ is a function of $k$. It is possible to see that LR-PKE is efficient enough for real-world use.


Updated: 2020-12-13