TY - GEN
T1 - How to construct a leakage-resilient (stateless) trusted party
AU - Genkin, Daniel
AU - Ishai, Yuval
AU - Weiss, Mor
N1 - Publisher Copyright:
© 2017, International Association for Cryptologic Research.
PY - 2017
Y1 - 2017
N2 - Trusted parties and devices are commonly used in the real world to securely perform computations on secret inputs. However, their security can often be compromised by side-channel attacks in which the adversary obtains partial leakage on intermediate computation values. This gives rise to the following natural question: To what extent can one protect the trusted party against leakage? Our goal is to design a hardware device T that allows m ≥ 1 parties to securely evaluate a function f(x1, …, xm) of their inputs by feeding T with encoded inputs that are obtained using local secret randomness. Security should hold even in the presence of an active adversary that can corrupt a subset of parties and obtain restricted leakage on the internal computations in T. We design hardware devices T in this setting both for zero-knowledge proofs and for general multi-party computations. Our constructions can unconditionally resist either AC0 leakage or a strong form of “only computation leaks” (OCL) leakage that captures realistic side-channel attacks, providing different tradeoffs between efficiency and security.
KW - AMD Circuits
KW - Algebraic manipulation detection
KW - Leakage-resilience
KW - Secure multiparty computation
UR - http://www.scopus.com/inward/record.url?scp=85033771519&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-70503-3_7
DO - 10.1007/978-3-319-70503-3_7
M3 - Conference contribution
AN - SCOPUS:85033771519
SN - 9783319705026
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 209
EP - 244
BT - Theory of Cryptography - 15th International Conference, TCC 2017, Proceedings
A2 - Kalai, Yael
A2 - Reyzin, Leonid
T2 - 15th International Conference on Theory of Cryptography, TCC 2017
Y2 - 12 November 2017 through 15 November 2017
ER -