Side-channel attacks have often proven to have a devastating effect on the security of cryptographic schemes. In this paper, we address the problem of storing cryptographic keys and computing on them in a manner that preserves security even when the adversary is able to obtain information leakage during the computation on the key.Using the recently achieved fully homomorphic encryption, we show how to encapsulate a key and repeatedly evaluate arbitrary functions on it so that no adversary can gain any useful information from a large class of side-channel attacks. We work in the model of Micali and Reyzin, assuming that only the active part of memory during computation leaks information. Similarly to previous works, our construction makes use of a single "leak-free" hardware token that samples from a globally-fixed distribution that does not depend on the key.Our construction is the first general compiler to achieve resilience against polytime leakage functions without performing any leak-free computation on the underlying secret key. Furthermore, the amount of computation our construction must perform does not grow with the amount of leakage the adversary is able to obtain; instead, it suffices to make a stronger assumption about the security of the fully homomorphic encryption.
Abstract. The standard approach for constructing a large-stretch pseudo-random generator given a one-way permutation or given a smallerstretch pseudo-random generator involves repeatedly composing the given primitive with itself. In this paper, we consider whether this approach is necessary, that is, whether there are constructions that do not involve composition. More formally, we consider black-box constructions of pseudorandom generators from pseudo-random generators of smaller stretch or from one-way permutations, where the constructions make only nonadaptive queries to the given object. We consider three classes of such constructions, and for each class, we give a black-box impossibility result that demonstrates a contrast between the stretch that can be achieved by adaptive and non-adaptive black-box constructions.We first consider constructions that make constantly-many nonadaptive queries to a given pseudo-random generator, where the seed length of the construction is at most O(log n) bits longer than the length n of each oracle query. We show that such constructions cannot achieve stretch that is even a single bit greater than the stretch of the given pseudo-random generator.We then consider constructions with arbitrarily long seeds, but where oracle queries are collectively chosen in a manner that depends only on a portion of the seed whose length is at most O(log n) bits longer than the length n of each query. We show that such constructions making constantly-many non-adaptive queries cannot achieve stretch that is ω(log n) bits greater than the stretch of the given pseudo-random generator.Finally, we consider a class of constructions motivated by streaming computation. Specifically, we consider constructions where the computation of each individual output bit depends only on the seed and on the response to a single query to a one-way permutation. We allow the seed to have a public portion that is arbitrarily long but must always be included in the output, and a non-public portion that is at most O(log n) bits longer than the length n of each oracle query. We show that such P.P. Limits on the Stretch of Non-adaptive Constructions 505 constructions whose queries are chosen non-adaptively based only on the non-public portion of the seed cannot achieve linear stretch.
Understanding and modeling leakage in the context of cryptographic systems (connecting physical protection of keys and cryptographic operation) is an emerging area with many missing issues and hard to understand aspects. In this work we initiate the study of leakage out of cryptographic devices when the operation is inherently replicated in multiple locations. This setting (allowing the adversary access to leakage at different locations) arises naturally in cases like protocols, where different parties activate the same cryptographic function, or in the case of a global service providers (like cloud operators) which need to replicate the cryptographic function to allow for accessible and responsive services. We specifically deal with the theoretical setting of "leakage resilient cryptography," (modeling leakage as a bound associated with algorithmic steps), and in the most general model of continual leakage on memory, randomness (and thus computation) with periods of operation and refresh of private keys between them. We first investigate public-key cryptography, and construct a multilocation leakage resilient signature scheme (with unbounded number of locations) with optimal (i.e., total n(1 − o(1)) leakage) in a period, and O(log n) leakage during updates (n is the key size). The new crucial issue behind our scheme is how to maintain leakage at each location at the level of key leakage in the single location variant, even under parallel adaptive leakage at the different locations. We then construct a shared-symmetric-key authenticated session protocol that is resilient to leakage on both the sender and the receiver, and tolerates O(log n) bits of leakage per computation. We construct and utilize a single-location pseudorandom generator which is the first to tolerate continual leakage with only an efficient pseudorandom function as a primitive component. This protocol highlights the importance of protocol level "per message synchronization" against leakage adversaries. Interestingly, the construction is secure in spite of the entire randomness used in the refresh processes being publicly available.
As part of the continuous quality improvement program at The Toronto Hospital’s Department of Family & Community Medicine (TTH-DFCM), it was considered necessary to examine the structures, processes and outcomes of influenza immunization for the elderly. Objective: The study sought to (a) document the current influenza immunization process; (b) quantify influenza immunization rates for elderly patients during two consecutive immunization seasons (1996 and 1997), and compare these rates across physician teams, attending staff vs. residents, patient gender, and patient age groups; (c) compare influenza immunization rates with other centers; and (d) identify barriers and propose solutions to improve influenza immunization rates in the elderly. Design: Evaluation Formative Research. Setting: A computerized roster of 15,000 patients at The Toronto Hospital, Department of Family and Community Medicine, a University of Toronto academic teaching center. Participants: Active patients age 65 years and over. Dependent variable: Influenza immunization. Independent variables: Physician Teams, Physician status, Patient gender, and Patient age group. Results: Immunization rates of attendees increased from 75.4% to 78.7%; over 3% increase from 1996 to 1997. Major subgroups which benefited from increased immunization rates were patients in the Blue team, patients age 70-74 years, and female patients. Conclusion: This study presents a rigorous examination of the components of the influenza immunization program, and demonstrates improved immunization rates over a two-year period. Suggestions for future action have been identified. The study design can also serve as a model for future clinical quality improvement projects.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Product
Resources
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
