Abstract

In leakage-resilient cryptography there is a seemingly inherent constraint on the adversary: it cannot access the leakage oracle after the challenge. Recently, a series of works made a breakthrough by considering post-challenge leakage. They presented public key encryption (PKE) schemes that are semantically secure against after-the-fact leakage in the split-state model. Rather than admitting pre-challenge queries only, this model places a more acceptable constraint on the adversary's ability: it cannot query leakage of the secret state as a whole, but only functions of its several parts separately. To obtain security against chosen ciphertext attack (CCA) for PKE schemes under after-the-fact leakage (AFL), existing works followed the “double encryption” paradigm, which requires noninteractive zero knowledge (NIZK) proofs in the encryption algorithm. We present an alternative way to achieve AFL-CCA security via lossy trapdoor functions (LTFs) without NIZK proofs. First, we formalize the definition of LTFs secure against AFL (AFLR-LTFs) and their all-but-one (ABO) variants. Then, we show how to realize this primitive in the split-state model. This primitive can be used to construct an AFLR-CCA secure PKE scheme in the same way as the traditional “CCA from LTFs” method.

Highlights

  • In the past two decades, physical attacks which are capable of getting access to partial information of the secret state have become a serious threat to the security of cryptographic algorithms in practice. These attacks have moved far beyond the scope of traditional cryptography, which carries the inherent assumption that no information about the secret key is leaked.

  • We demonstrate that after-the-fact leakage resilient (AFLR) lossy trapdoor functions (LTFs) and their all-but-one (ABO) variants can be constructed in the split-state model and can be used to achieve AFLR chosen ciphertext attack (CCA) security without noninteractive zero knowledge (NIZK) proofs.

  • A collection of (n, k) ABO-LTFs is composed of three probabilistic polynomial time (PPT) algorithms. G_abo: take λ ∈ ℕ and b* ∈ B_λ as input and output (s, td, B*_λ), where s is a function index, td is its trapdoor, and B*_λ is the set of lossy branches, with b* ∈ B*_λ.
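As an added illustration of the ABO-LTF syntax in the highlight above (example code written for this page, not the paper's split-state AFLR construction): a toy all-but-one LTF in the DDH-based matrix style of Peikert-Waters, where the index encrypts -b*·I and evaluation on branch b adds b·I homomorphically. The group (p = 23, q = 11, generator 2), the input length N = 5 and the names gabo/fabo/finv/image_size are constructed for the demo; the tiny group makes the lossy branch's collisions countable.

```python
# Added toy example (not the paper's split-state construction): an all-but-one
# lossy trapdoor function in the DDH-based matrix style of Peikert-Waters.
# Parameters are constructed for the demo only; a 23-element group is not secure,
# but it is small enough that lossiness shows up directly as colliding images.
import random
from itertools import product

P, Q, G = 23, 11, 2   # G = 2 has prime order Q = 11 in Z_23^*
N = 5                 # input length: 2^N = 32 inputs, but a lossy branch has <= Q images

def gabo(b_star, seed=None):
    """Gabo(λ, b*): index s = ElGamal encryptions of the matrix -b*·I; trapdoor td = z."""
    rng = random.Random(seed)
    z = rng.randrange(1, Q)            # secret exponent; h = G^z is the public key
    h = pow(G, z, P)
    s = []
    for i in range(N):                 # row i shares one randomness r_i across columns
        r = rng.randrange(1, Q)
        c1 = pow(G, r, P)
        c2 = [pow(h, r, P) * pow(G, (-b_star) % Q if i == j else 0, P) % P for j in range(N)]
        s.append((c1, c2))
    return s, z

def fabo(s, b, x):
    """Fabo(s, b, x): homomorphically compute x·(C + Enc(b·I)) for x in {0,1}^N."""
    c1, c2 = 1, [1] * N
    for i, (r1, r2) in enumerate(s):
        if x[i]:                       # fold row i into the running ciphertext vector
            c1 = c1 * r1 % P
            c2 = [c * r % P for c, r in zip(c2, r2)]
    for j in range(N):                 # add the branch term b·x_j in the plaintext slot
        if x[j]:
            c2[j] = c2[j] * pow(G, b, P) % P
    return c1, tuple(c2)               # column j now encrypts x_j·(b - b*)

def finv(td, b, y):
    """Finv(td, b, y): decrypt each column; on an injective branch (b != b* mod Q)
    column j holds G^(x_j (b - b*)), which is 1 exactly when x_j = 0."""
    c1, c2 = y
    unmask = pow(pow(c1, td, P), -1, P)
    return tuple(0 if c * unmask % P == 1 else 1 for c in c2)

def image_size(s, b):
    """Number of distinct outputs over all 2^N inputs on branch b."""
    return len({fabo(s, b, x) for x in product((0, 1), repeat=N)})

if __name__ == "__main__":
    s, td = gabo(3, seed=1)
    print(image_size(s, 3), "<=", Q, "and", image_size(s, 7), "==", 2 ** N)
    print(finv(td, 7, fabo(s, 7, (1, 0, 1, 1, 0))))
```

On the lossy branch b = b* the output depends only on the sum of the selected r_i modulo q, so at most q of the 2^N inputs map to distinct images; on every other branch the trapdoor recovers x exactly.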


Introduction

In the past two decades, physical attacks which are capable of getting access to partial information of the secret state have become a serious threat to the security of cryptographic algorithms in practice. These attacks have moved far beyond the scope of traditional cryptography, which carries the inherent assumption that no information about the secret key is leaked. In the bounded leakage model, an adversary could encode the challenge and the decryption algorithm together to recover the whole message via leakage queries if its length is shorter than the bound. Most existing works, such as [1, 2, 8, 9, 10], sidestep this technical difficulty with a weaker security definition, which only admits pre-challenge leakage queries. Qin et al. [21] attempted to construct LR-LTFs, but their result can only be proven secure in a weaker model in which the adversary gets access to the entire public key only after the leakage queries. We demonstrate that AFLR-LTFs and their ABO variants can be constructed in the split-state model and can be used to achieve AFLR-CCA security without NIZK proofs.

Preliminaries
One Source
Two Source
AFLR-CPA Secure PKE
Homomorphic and Leakage Resilient Randomness Extraction
AFLR-LTFs in 2 Split-State Model
Constructions of AFLR-CCA Secure PKE
Chameleon AFLR-ABO-LTFs
Conclusion and Future Direction