暂无分享,去创建一个
A recent trend in cryptography is to protect data and computation against various side-channel attacks. Dziembowski and Faust (TCC 2012) have proposed a general way to protect arbitrary circuits against any continual leakage assuming that: (i) the memory is divided into the parts, which leaks independently (ii) the leakage in each observation is bounded (iii) the circuit has an access to a leak-free component, which samples random orthogonal vectors. The pivotal element of their construction is a protocol for refreshing the so-called Leakage-Resilient Storage (LRS).
In this note, we present a more efficient and simpler protocol for refreshing LRS under the same assumptions. Our solution needs O(n) operations to fully refresh the secret (in comparison to {\Omega}(n^2) for a protocol of Dziembowski and Faust), where n is a security parameter that describes the maximal amount of leakage in each invocation of the refreshing procedure
[1] Silvio Micali,et al. Physically Observable Cryptography (Extended Abstract) , 2004, Theory of Cryptography Conference.
[2] Yael Tauman Kalai,et al. Overcoming the Hole in the Bucket: Public-Key Cryptography Resilient to Continual Memory Leakage , 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.