Paper 2009/220

Signature Schemes with Bounded Leakage Resilience

Jonathan Katz

Abstract

A leakage-resilient cryptosystem remains secure even if arbitrary, but bounded, information about the secret key (or possibly other internal state information) is leaked to an adversary. Denote the length of the secret key by $n$. We show a signature scheme tolerating (optimal) leakage of up to $n-n^\epsilon$ bits of information about the secret key, and a more efficient one-time signature scheme that tolerates leakage of $(\frac{1}{4}-\epsilon) \cdot n$ bits of information about the signer's entire state. The latter construction extends to give a leakage-resilient $t$-time signature scheme. All these constructions are in the standard model under general assumptions.

Note: Replaces ePrint report 2009/133

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Keywords
signaturesleakage resilience
Contact author(s)
jkatz @ cs umd edu
History
2009-05-26: received
Short URL
https://ia.cr/2009/220
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/220,
      author = {Jonathan Katz},
      title = {Signature Schemes with Bounded Leakage Resilience},
      howpublished = {Cryptology ePrint Archive, Paper 2009/220},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/220}},
      url = {https://eprint.iacr.org/2009/220}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.