Efficient Refreshing Protocol for Leakage-Resilient Storage Based on the Inner-Product Extractor

A recent trend in cryptography is to protect data and computation against various side-channel attacks. Dziembowski and Faust (TCC 2012) have proposed a general way to protect arbitrary circuits against any continual leakage assuming that: (i) the memory is divided into the parts, which leaks independently (ii) the leakage in each observation is bounded (iii) the circuit has an access to a leak-free component, which samples random orthogonal vectors. The pivotal element of their construction is a protocol for refreshing the so-called Leakage-Resilient Storage (LRS). In this note, we present a more efficient and simpler protocol for refreshing LRS under the same assumptions. Our solution needs O(n) operations to fully refresh the secret (in comparison to {\Omega}(n^2) for a protocol of Dziembowski and Faust), where n is a security parameter that describes the maximal amount of leakage in each invocation of the refreshing procedure

[1]  Silvio Micali,et al.  Physically Observable Cryptography , 2003, IACR Cryptol. ePrint Arch..

[2]  Yael Tauman Kalai,et al.  Overcoming the Hole in the Bucket: Public-Key Cryptography Resilient to Continual Memory Leakage , 2010, 2010 IEEE 51st Annual Symposium on Foundations of Computer Science.