Randomness Leakage in the KEM/DEM Framework

Recently, there have been many studies on constructing cryptographic primitives that are secure even if some secret information leaks. In this paper, we consider the problem of constructing public-key encryption schemes that are resilient to leaking the randomness used in the encryption algorithm. In particular, we consider the case in which publickey encryption schemes are constructed from the KEM/DEM framework, and the leakage of randomness in the encryption algorithms of KEM and DEM occurs independently. For this purpose, we define a new security notion for KEM. Then we provide a generic construction of a public-key encryption scheme that is resilient to randomness leakage from any KEM scheme satisfying this security. Also we construct a KEM scheme that satisfies the security under the decisional Diffie-Hellman assumption.

[1]  Moni Naor,et al.  Public-Key Cryptosystems Resilient to Key Leakage , 2012, SIAM J. Comput..

[2]  Vinod Vaikuntanathan,et al.  Simultaneous Hardcore Bits and Cryptography against Memory Attacks , 2009, TCC.

[3]  Yevgeniy Dodis,et al.  Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model , 2009, CRYPTO.

[4]  Jonathan Katz,et al.  How to Encrypt with a Malicious Random Number Generator , 2008, FSE.

[5]  Ronald Cramer,et al.  Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption , 2001, EUROCRYPT.

[6]  Stefan Dziembowski,et al.  Leakage-Resilient Storage , 2010, SCN.

[7]  Eyal Kushilevitz,et al.  Exposure-Resilient Functions and All-or-Nothing Transforms , 2000, EUROCRYPT.

[8]  Rafail Ostrovsky,et al.  Fuzzy Extractors: How to Generate Strong Keys from Biometrics and Other Noisy Data , 2004, SIAM J. Comput..

[9]  Shai Halevi,et al.  After-the-Fact Leakage in Public-Key Encryption , 2011, IACR Cryptol. ePrint Arch..

[10]  Stefan Dziembowski,et al.  Leakage-Resilient Cryptography , 2008, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[11]  Feng-Hao Liu,et al.  Tamper and Leakage Resilience in the Split-State Model , 2012, IACR Cryptol. ePrint Arch..

[12]  Yael Tauman Kalai,et al.  On cryptography with auxiliary input , 2009, STOC '09.

[13]  Ariel J. Feldman,et al.  Lest we remember: cold-boot attacks on encryption keys , 2008, CACM.

[14]  Krzysztof Pietrzak,et al.  Provable Security for Physical Cryptography ⋆ , 2010 .

[15]  Hovav Shacham,et al.  Hedged Public-Key Encryption: How to Protect against Bad Randomness , 2009, ASIACRYPT.

[16]  Yevgeniy Dodis,et al.  Survey: Leakage Resilience and the Bounded Retrieval Model , 2009, ICITS.