Continuous Leakage Attacks Research Articles

Reinforced securing of data leakage in Mobile Ad hoc Network (MANET) by hybrid mechanism of identity based encryption (IBE)

In Mobile Ad hoc Network (MANET), private data leakage that involves user’s private keys may become a threat to the computing systems security. It is essential that usual requirement of traditional cryptographic patterns or mechanisms have been performed for enduring several leakage attacks. However, the attacker can track and crack the cryptographic security due to the performance of continuous leakage attacks, which assist in introducing leakage resilience cryptography. But, still there are certain issues such as data loss, data failure system, data affecting and system break that are not yet resolved. As a result, various bounded-leakage models have been created for Identity Based Encryption (IBE) constructions that fail to fulfill their stated security under continuous-leakage assaults. This paper has introduced a hybrid mechanism of security to resolve the above listed issues by focusing in avoiding continuous leakage resilient through modified IBE schemes using Adaptive Chosen Cipher-text Attacks (ACCA) with Elliptical Curve Digital Signature Algorithm (ECDSA).

Fully Secure ID-Based Signature Scheme with Continuous Leakage Resilience

The side channel attacks will lead to the destruction of the security of the traditional cryptographic scheme. Leakage-resilient identity-based signature has attracted great attention. Based on the dual system encryption technology, we construct an identity-based signature scheme that can resist continuous private key leakage. In the standard model, the security of the scheme is proved. The key points of our leakage-resilient signature scheme are as follows: (1) The private key can be extended according to the security requirements. In other words, when the leakage is serious, we can select a bigger value n, where n is a parameter related to the leakage rate. (2) An elaborate key update algorithm makes the scheme resist continuous leakage attacks. Furthermore, the updated private key has the same distribution as the previous private key. (3) The proposed scheme is fully secure in the standard model rather than in the random oracle model or in the general group model. In order to achieve this goal, we use dual system encryption technology. Thus, the security of the constructed scheme does not depend on the number of queries of the attacker.

Continuous Leakage-Amplified Public-Key Encryption With CCA Security

Abstract Secret key leakage has become a security threat in computer systems, and it is crucial that cryptographic schemes should resist various leakage attacks, including the continuous leakage attacks. In the literature, some research progresses have been made in designing leakage resistant cryptographic primitives, but there are still some remaining issues unsolved, e.g. the upper bound of the permitted leakage is fixed. In actual applications, the leakage requirements may vary; thus, the leakage parameter with fixed size is not sufficient against various leakage attacks. In this paper, we introduce some novel idea of designing a continuous leakage-amplified public-key encryption scheme with security against chosen-ciphertext attacks. In our construction, the leakage parameter can have an arbitrary length, i.e. the length of the permitted leakage can be flexibly adjusted according to the specific leakage requirements. The security of our proposed scheme is formally proved based on the classic decisional Diffie–Hellman assumption.

Continuous leakage-resilient certificate-based signcryption scheme and application in cloud computing

Leakage of private information, e.g. the secret keys, has become a serious threat to the security of computing systems. It has become a common requirement that real-world security applications should withstand various leakage attacks, such as side-channel attacks, cold-boot attacks, etc. For example, the above leakage attacks are very common in cloud computing nowadays. Hence, we need a novel method to protect the security of data storage and authorization even if a certain amount of leakage information with respect to the secret state can be obtained by any adversary. In order to achieve the above goal, in this paper, we introduce a continuous leakage-resilient certificate-based signcryption (CBS) scheme, and we prove that our proposed scheme achieves the chosen-ciphertext attacks (CCA) security based on the discrete logarithm assumption and the decisional Diffie-Hellman assumption. Our proposed scheme not only has the ability to resist the continuous leakage attacks, but also enjoys very low computational overheads. Moreover, two concrete continuous leakage-resilient data storage and authorization protocols are generated from the above continuous leakage-resilient CBS scheme: one has a single key generation center and the other generates the keys in a distributed form. Therefore, our protocols with continuous leakage resilience are particularly suitable for data storage and authorization in cloud computing system.

Novel Public-Key Encryption with Continuous Leakage Amplification

Abstract Leakage of private information, such as the secret keys, has become a threat to the security of computing systems. It has become a common requirement that cryptographic schemes should withstand various leakage attacks, including the continuous leakage attacks. Although some research progresses have been made toward this area, there are still some unsolved issues. In the literature, the public-key encryption (PKE) constructions with (continuous) leakage resilience normally require the upper bound of leakage to be fixed. However, in many real-world applications, this requirement cannot provide sufficient protection against leakage attacks. In order to mitigate these problems, this paper demonstrates how to design a leakage amplified PKE scheme with continuous leakage resilience and chosen-plaintext attacks security. In our proposed PKE scheme, the leakage parameter can have an arbitrary length. Moreover, the length of permitted leakage in our scheme can be flexibly adjusted according to the leakage requirements of application environment. Its security is formally proved under the classic static assumption.

Provable secure identity-based online/offline encryption scheme with continual leakage resilience for wireless sensor network

As a potential technology, the identity-based online/offline encryption scheme is split into two phases (the offline phase and the online phase) which is especially suitable for sensor nodes with limited computation resources in that most of the works can be executed offline. However, a challenging issue is the well-known identity-based online/offline encryption schemes unable to resist continual key leakage attacks of the secret keys. To address the above security challenge, we put forth the first continual leakage-resilient identity-based online/offline encryption scheme which is suitable for ensuring secure communications in wireless sensor networks. More specifically, our formal security proofs analysis indicates that the proposed scheme can guarantee security even if partial information of the secret key is continually leaked due to side-channel attacks or fault injection attacks. Above all, compared to the existing identity-based online/offline encryption schemes, an identity-based online/offline encryption scheme with continual leakage resilient meets wireless sensor networks with strong security.

Practical continuous leakage-resilient CCA secure identity-based encryption

Leakage of private information including private keys of user has become a threat to the security of computing systems. It has become a common security requirement that a cryptographic scheme should withstand various leakage attacks. In the real life, an adversary can break the security of cryptography primitive by performing continuous leakage attacks. Although, some research on the leakage-resilient cryptography had been made, there are still some remaining issued in previous attempts. The identity-based encryption (IBE) constructions were designed in the bounded-leakage model, and might not be able to meet their claimed security under the continuous-leakage attacks. In the real applications, the leakage is unbounded. That is, a practical cryptography scheme should keep its original security in the continuous leakage setting. The previous continuous leakage-resilient IBE schemes either only achieve chosen-plaintext attacks security or the chosen-ciphertext attacks (CCA) security is proved in the selective identity model. Aiming to solve these problems, in this paper, we show how to construct the continuous leakage-resilient IBE scheme, and the scheme’s adaptive CCA security is proved in the standard model based on the hardness of decisional bilinear Diffie-Hellman exponent assumption. For any adversary, all elements in the ciphertext are random, and an adversary cannot obtain any leakage on the private key of user from the corresponding given ciphertext. Moreover, the leakage parameter of our proposal is independent of the plaintext space and has a constant size.

Continuous Leakage-Resilient Certificate-Based Encryption Scheme Without Bilinear Pairings

Abstract Recently, much attention has been focused on designing provably secure cryptographic primitives in the presence of key leakage, even the continuous leakage attacks. However, several constructions on the (continuous) leakage-resilient certificate-based encryption (CBE) scheme were proposed based on the bilinear pairings, and the corresponding computational efficiency is lower. Also, the leakage on the master secret key is omitted in the previous constructions. In this paper, to further achieve the better performance, a new construction method of continuous leakage-resilient CBE scheme without bilinear pairings is proposed, and the chosen-ciphertext attacks security of designed scheme is proved based on the hardness of the classic decisional Diffie–Hellman assumption. The performance analysis shows that our method not only can obtain higher computational efficiency but also enjoys better security performances, such as the leakage parameter of secret key of user has the constant size, and an adversary cannot obtain any leakage on the secret key of user from the corresponding given ciphertext etc. The advantage is that our proposal allows leakage attacks of multiple keys, i.e. continuous leakage resilience of the secret key of user and bounded leakage resilience of the master secret key. Additionally, to provide the leakage resilience for the cloud computing, a novel data access control scheme for cloud storage service is proposed from our continuous leakage-resilient CBE scheme, which can keep its claimed security in the leakage seting.

Novel updatable identity-based hash proof system and its applications

Alwen et al. in Eurocrypt 2010, showed that an identity-based hash proof system (IB-HPS), where IB-HPS generalizes the notion of hash proof system (HPS) to the identity-based setting, almost immediately yields an identity-based encryption (IBE) scheme which is secure against partial leakage of the target identity's decryption key. That is, an IBE scheme with bounded leakage resilience can be naturally created from an IB-HPS. However, in the real world, the leakage is unbounded, and any adversary can break the security of cryptography shceme by performing continuous leakage attacks. To further increase the practicability, a cryptography scheme must hold the claimed security in the continuous leakage setting. Dodis et al. in FOCS 2010, showed a generic method how to create a cryptography shceme with continuous leakage resilience from the bounded leakage-resilient cryptosystem by performing an additional key update algorithm while the public parameters keep unchanged. To construct a continuous leakage-resilient cryptography scheme, a new primitive, called it updatable identity-based hash proof system (U-IB-HPS), is proposed, which is an improved IB-HPS. In particular, the improved system has an additional key update algorithm, which can push some new randomness into the private key of user (or the master secret key), the updated results are random in the adversary's view, and the leakage of previous private key of user (or the master secret key) does not work for the updated results. However, the previous instantiations of U-IB-HPS cannot achieve the claimed security. To solve the above problems, in this paper, two instantiations of U-IB-HPS with better performance are created, and the security of proposed system is proved, in the standard model, based on the classic decisional bilinear Diffie-Hellman assumption. The corresponding IBE scheme created with our U-IB-HPS allows continuous leakage of multiple keys, i.e., continuous leakage of the master secret key and the private key of user. Additionally, our U-IB-HPS can also be employed as an underlying basic tool to build the generic construction of continuous leakage-amplified public-key encryption scheme, continuous leakage-resilient identity-based authenticated key exchange protocol, and continuous leakage-resilient public-key encryption scheme with keyword search, etc.

Identity‐based encryption resilient to continuous key leakage

Leakage of private information has become a threat to the security of computing systems. It has become a common security requirement that a cryptography scheme should withstand various leakage attacks, even the continuous leakage attacks. However, in the current constructions on the (continuous) leakage-resilient identity-based encryption (CLR-IBE) scheme, the leakage parameter is a fixed value. Aiming to solve these problems, in this study, the authors show how to construct the CLR-IBE scheme, and the adaptive chosen-ciphertext attacks security of proposed construction can be proved in the standard model. To further improve the practicability of CLR-IBE scheme, they design an improved IBE scheme with continuous leakage amplified property, and the leakage parameter has an arbitrary length.

Anonymous and Updatable Identity-Based Hash Proof System

In EUROCRYPT 2002, Alwen et al. demonstrated that an identity-based hash proof system (IB-HPS) can be used to generate an identity-based encryption (IBE) scheme, which is secure against partial leakage of the decryption key of the target identity. However, in many real-world applications, the leakage is normally unbounded, and an adversary could violate the security of such cryptography schemes by performing continuous leakage attacks. Therefore, cryptography schemes are desirable to maintain their claimed security even in the continuous leakage setting. In this paper, we first design an improved IB-HPS called updatable IB-HPS (U-IB-HPS), which has an additional key update algorithm to embed some fresh randomness into the user's private key, ensuring that enough entropy is maintained in the updated keys. Then, we further use the U-IB-HPS to propose a generic construction of continuously leakage-resilient IBE schemes. Finally, an instantiation of the U-IB-HPS with anonymity is presented. As a result, our construction delivers an anonymous IBE scheme that is secure against continuous leakage of user's private key. The security of our proposed scheme has been proved in the random oracle model under the classic decisional bilinear Diffie–Hellman assumption, which is a standard static security assumption.

Continuous Leakage-Resilient Identity-Based Encryption Scheme with CCA Security

Leakage of private information including private key has become a threat to the security of computing systems. It has become a common security requirement that a cryptographic scheme should withstand various leakage attacks, including continuous leakage attacks. In order to obtain an Identity-based encryption (IBE) scheme which can keep its original security in the continuous leakage setting, we propose a new construction method of IBE scheme with Chosen-ciphertext attacks (CCA) security, which can tolerate continuous leakage attacks on many private keys of each identity, and whose security is proved based on the hardness of the classical Decisional bilinear Diffie-Hellman (DBDH) assumption in the standard model. The leakage parameter is independent of the plaintext space and has the constant size.

Continuous leakage-resilient identity-based encryption with leakage amplification

In modern computer systems, leakage of private information may cause catastrophic consequences, especially those are related to the secret keys in cryptographic mechanisms. Therefore, it has been widely accepted both in academia and industry that cryptographic schemes should withstand various leakage attacks, including the continuous leakage attacks. Although a lot of researches have been conducted towards this issue and some progresses have been made, there are still many unsolved problems in this area. For example, in the majority of the existing identity-based encryption (IBE) schemes with (continuous) leakage resilience, the upper bound of leakage is required to be fixed. But in many real-world applications, such a requirement is inadequate to protect the schemes against the leakage attacks. Moreover, many previous efforts aiming to build IBE schemes that are secure against the chosen-ciphertext attacks (CCA) need to rely on the q-type assumptions. But these solutions are not desirable, because the q-type assumptions are non-static assumptions. In this paper, in order to address the above mentioned problems, we demonstrate how to construct a continuous leakage-resilient CCA-secure IBE scheme with leakage amplification, in which the leakage parameter has an arbitrary length. The benefit is that the length of permitted leakage in our scheme can be adjusted flexibly according to the leakage requirements. Moreover, the security of our proposed scheme can be proved with static assumptions in the standard model. Compared with the related works in the literature, our scheme enjoys a unique feature that it allows continuous leakage of multiple keys simultaneously, e.g. continuous leakage of the master secret key as well as the user’s private key.

Continuous Leakage-Resilient Identity-Based Encryption with Tight Security

Abstract In the actual applications, an adversary can break the security of cryptography scheme through various leakage attacks (e.g. side-channel attacks, cold-boot attacks, etc.), even the continuous leakage attacks. That is, a practical cryptography scheme must maintain its claimed security in the continuous leakage setting. However, the previous constructions on the leakage-resilient identity-based encryption (IBE) scheme could tolerate a leakage that is bounded, and cannot resist the continuous leakage attacks. In order to further achieve the better security, a novel method to build the continuous leakage-resilient IBE scheme with tight security is presented in this paper, and the scheme’s security is proved, in the standard model, based on a stronger security assumption that depends on the number of queries made by the adversary. In addition, our proposal has several advantages over previous such constructions, e.g. shorter public parameters, higher communication efficiency, tight security, etc.

Continuously non-malleable codes with split-state refresh

Non-malleable codes for the split-state model allow to encode a message into two parts, such that arbitrary independent tampering on each part, and subsequent decoding of the corresponding modified codeword, yields either the same as the original message, or a completely unrelated value. Continuously non-malleable codes further allow to tolerate an unbounded (polynomial) number of tampering attempts, until a decoding error happens. The drawback is that, after an error happens, the system must self-destruct and stop working, otherwise generic attacks become possible.In this paper we propose a solution to this limitation, by leveraging a split-state refreshing procedure. Namely, whenever a decoding error happens, the two parts of an encoding can be locally refreshed (i.e., without any interaction), which allows to avoid the self-destruct mechanism in some applications. Additionally, the refreshing procedure can be exploited in order to obtain security against continual leakage attacks. We give an abstract framework for building refreshable continuously non-malleable codes in the common reference string model, and provide a concrete instantiation based on the external Diffie–Hellman assumption.Finally, we explore applications in which our notion turns out to be essential. The first application is a signature scheme tolerating an arbitrary polynomial number of split-state tampering attempts, without requiring a self-destruct capability, and in a model where refreshing of the memory happens only after an invalid output is produced. This circumvents an impossibility result from a recent work by Fujisaki and Xagawa (Asiacrypt 2016). The second application is a compiler for tamper-resilient read-only RAM programs. In comparison to other tamper-resilient RAM compilers, ours has several advantages, among which the fact that, in some cases, it does not rely on the self-destruct feature.

Efficient chosen-ciphertext secure hybrid encryption scheme tolerating continuous leakage attacks

ABSTRACTFor any PPT adversary, most traditional leakage-resilient cryptographic primitives cannot ensure that all elements in ciphertext are random. What’s worse, in a continuous leakage setting, there are few leakage-resilient cryptographic primitives available. Currently, not many researchers are studying leakage-resilient hybrid encryption (LR-HE) scheme. Thus, two continuous leakage-resilient hybrid encryption (CLR-HE) schemes are constructed in this paper, and the schemes’ security are proven based on the standard static assumption. Our constructions not only can maintain their claimed security in a continuous leakage setting, but also enjoy better performances. Because of these good performances, our constructions can provide continuous leakage-resilient security in the Internet of Things.

The generic construction of continuous leakage-resilient identity-based cryptosystems

In the leakage setting, the adversary is allowed to access the internal secret states of a cryptosystem, such as the private key of user and the master secret key. In the continuous leakage model, there is no predetermined bound on the leakage of internal secret states; therefore, it is more challenging. In this paper, we present a new primitive called updatable identity-based hash proof system (U-IB-HPS), which can serve as a fundamental tool for constructing continuous leakage-resilient identity-based cryptosystems. With the U-IB-HPS, we obtain the generic constructions of identity-based cryptosystem with continuous leakage-resilience, such as the continuous leakage-resilient identity-based encryption with leakage amplification, the continuous leakage-resilient identity-based hybrid encryption with leakage amplification, etc. As a feature of our generic constructions, we allow the leakage of multiple keys, i.e., leakage of the master secret key and the private key of user. In addition, we present a generic framework of one-round identity-based authenticated key exchange (AKE) protocol with continuous leakage resilience, which ensures the session key security even if the adversary performs continuous leakage attacks during the execution of a session. We also present instantiations of U-IB-HPS from bilinear groups and composite order bilinear groups, respectively. The security of our instantiations is based on the standard static assumptions, such as the decisional bilinear Diffie–Hellman assumption, the corresponding complexity assumptions over composite order bilinear groups, etc. Our instantiations can be easily extended to construct the updatable hierarchical identity-based hash proof system.

Continuous leakage-resilient certificateless public key encryption with CCA security

Recently, much attention has been focused on designing provably secure cryptographic scheme in the presence of key leakage, and many constructions are proposed by cryptography researchers. However, most of them are researched in the bounded-leakage model, and cannot keep their claimed security in the continuous-leakage setting. It has been a research challenge to achieve the claimed security in continuous leakage setting. Also, for any polynomial time adversary, most of pre-existing constructions cannot ensure that their output is random in the leakage setting, and any adversary can get a certain amount of additional information on the private key from the output of cryptographic scheme. To obtain better performance (e.g., continuous leakage-resilience, etc.), a new construction of CCA2 secure continuous leakage-resilient certificateless public-key encryption scheme is proposed in this paper, and the scheme’s security is proved based on the hardness of the classical decisional Diffie–Hellman assumption. According to the results of analysis, we can get that our construction not only tolerates continuous leakage attacks on the private key through periodically update, but also enjoys better performances, such as the round leakage parameter has the constant size, and any polynomial time adversary are unable to get leakage on the private key from the corresponding ciphertext, etc. In particular, the striking advantage of our method is the key leakage ratio, which can achieve 3/4. Because these good performance features, our proposal may have some significant value in the practical applications.

CCA2 secure public‐key encryption scheme tolerating continual leakage attacks

AbstractFor a public‐key encryption scheme to be applied in practical applications, it should withstand various leakage attacks (e.g., side‐channel attacks and cold‐boot attacks). To this end, we present a way of construct the more practical CCA2 secure public‐key encryption scheme tolerating leakage attacks, and the scheme's security is based on the hardness of classical decisional Diffie–Hellman assumption and the target collision resistant of one‐way hash function. Additionally, our proposal enjoys better performance, for example, all of elements of ciphertext will be random from the adversary's view, and any probabilistic polynomial‐time adversary cannot obtain leakage on the secret key from the ciphertext, and so on. In the bounded‐leakage setting, for any leakage parameter λ⩽logq − ω(logk)(q is the prime order of the underlying group, and k denotes the security parameter.), our proposal is secure against leakage‐resilient chosen‐ciphertext attacks, where λ is independent of the plaintext space, and has the constant size. However, in the real world, an adversary can continuously learn information on the secret key through a variety of leakage attacks and can trivially break the security of public‐key encryption scheme under the continual leakage attacks. Thus, we will improve our method to resist the continual leakage attacks. Similarly, for any round leakage parameter λC⩽logq − ω(logk), we can prove the security of the improvement scheme based on the hardness of decisional Diffie–Hellman assuming and the target collision resistant of one‐way hash function. With this important performance, our proposal may have some significant value in the practical applications, such as our proposal can provide the leakage‐resilient security for outsourcing data in the cloud computing environment. Copyright © 2016 John Wiley & Sons, Ltd.

Continuous leakage-resilient certificate-based encryption

Encryption schemes are generally considered to be secure in an ideal environment, where the adversary cannot obtain the secret internal state of schemes. However, in the realistic environment, the adversary can gain partial information about decryption private key through various types of side channel attacks. In order to capture these attacks, it is crucial to design encryption schemes which are resilient to leakage. In this article, we first formalize a continuous leakage-resilient security model of certificate-based encryption. In the model, the adversary continuously obtains partial information about the secret states through the continuous leakage attacks. Furthermore, we construct a continuous leakage-resilient certificate-based encryption (CLR-CBE) scheme which is resilient to continuous leakage, and it is secure against adaptive chosen ciphertext attacks under the bilinear Diffie–Hellman inversion (BDHI) hardness assumption. Lastly, we show the bound on leakage and make comparison between proposed and existing schemes in terms of security properties and efficiency.