In the past, the security of most public-key encryption or key encapsulation schemes is shown in an ideal model, where private keys, secret keys and random values are assumed to be absolutely secure to adversaries. However, this ideal model is not practical due to side-channel attacks in the sense that adversaries could gain partial information of these secret values involved in decryption operations by perceiving energy consumption or execution timing. In such a case, these schemes under the ideal model could suffer from side-channel attacks. Recently, leakage-resilient cryptography resistant to side-channel attacks is an emerging research topic. Certificate-based encryption (CBE) or certificate-based key encapsulation (CB-KE) schemes are a class of important public-key encryption. However, little work addresses the design of leakage-resilient CBE (LR-CBE) or leakage-resilient CB-KE (LR-CB-KE) schemes. In this paper, we present the first LR-CB-KE scheme with overall unbounded leakage property which permits adversaries to continuously gain partial information of the system secret key of a trusted certificate authority (CA), the private keys and certificates of users, and random values. In the generic bilinear group model, formal security analysis is made to prove that the proposed LR-CB-KE scheme is secure against chosen ciphertext attacks.

中文翻译：

---

基于防泄漏的基于证书的密钥封装方案，可防止连续泄漏

过去，大多数公钥加密或密钥封装方案的安全性都是在理想模型中显示的，其中假定私钥，秘密密钥和随机值对对手绝对是安全的。但是，这种理想的模型由于在攻击者可以感知能量消耗或执行时间而获得解密操作中涉及的这些秘密值的部分信息的意义上，由于侧信道攻击而无法实施。在这种情况下，理想模式下的这些方案可能会遭受旁信道攻击。近年来，具有抗旁通道攻击能力的防泄漏加密技术是一个新兴的研究主题。基于证书的加密（CBE）或基于证书的密钥封装（CB-KE）方案是一类重要的公共密钥加密。然而，很少有工作涉及防漏CBE（LR-CBE）或防漏CB-KE（LR-CB-KE）方案的设计。在本文中，我们介绍了第一具有整体无限制泄漏属性的LR-CB-KE方案，允许攻击者连续获取受信任证书颁发机构（CA）的系统密钥，用户的私钥和证书以及随机值的部分信息。在通用双线性群模型中，进行了正式的安全性分析，以证明所提出的LR-CB-KE方案对于选择的密文攻击是安全的。