Cryptographic Resilience to Continual Information Leakage


2011

Abstract (summary)

In this thesis, we study the question of achieving cryptographic security on devices that leak information about their internal secret state to an external attacker. This study is motivated by the prevalence of side-channel attacks, where the physical characteristics of a computation (e.g. timing, power consumption, temperature, radiation, acoustics) can be measured, and may reveal useful information about the internal state of a device. Since some such leakage is inevitably present in almost any physical implementation, we believe that this problem cannot be addressed by physical countermeasures alone. Instead, it should already be taken into account when designing the mathematical specification of cryptographic primitives and included in the formal study of their security.

In this thesis, we propose a new formal framework for modeling the leakage available to an attacker. This framework, called the continual leakage model, assumes that an attacker can continually learn arbitrary information about the internal secret state of a cryptographic scheme at any point in time, subject only to the constraint that the rate of leakage is bounded. More precisely, our model assumes some abstract notion of time periods. In each such period, the attacker can choose to learn arbitrary functions of the current secret state of the scheme, as long as the number of output bits leaked is not too large. In our solutions, cryptographic schemes will continually update their internal secret state at the end of each time period. This will ensure that leakage observed in different time periods cannot be meaningfully combined to break the security of the cryptosystem. Although these updates modify the secret state of the cryptosystem, the desired functionality of the scheme is preserved, and the users can remain oblivious to these updates. We construct signatures, encryption, and secret sharing/storage schemes in this model.

Indexing (details)

Subject: Applied Mathematics; Computer science
Classification: 0364: Applied Mathematics; 0984: Computer science
Identifier / keyword: Applied sciences; Computer security; Cryptographic resilience; Cryptography; Information leakage
Title: Cryptographic Resilience to Continual Information Leakage
Author: Wichs, Daniel
Number of pages: 252
Publication year: 2011
Degree date: 2011
School code: 0146
Source: DAI-B 73/03, Dissertation Abstracts International
Place of publication: Ann Arbor
Country of publication: United States
ISBN: 9781267049957
Advisor: Dodis, Yevgeniy
Committee member: Shoup, Victor; Subramanian, Lakshminarayanan
University/institution: New York University
Department: Computer Science
University location: United States -- New York
Degree: Ph.D.
Source type: Dissertations & Theses
Language: English
Document type: Dissertation/Thesis
Dissertation/thesis number: 3486836
ProQuest document ID: 911232644
Copyright: Database copyright ProQuest LLC; ProQuest does not claim copyright in the individual underlying works.
Document URL: http://search.proquest.com/docview/911232644