#### Filter Results:

#### Publication Year

2009

2016

#### Publication Type

#### Co-author

#### Publication Venue

#### Key Phrases

Learn More

Leakage-resilient cryptosystems aim to maintain security in situations where their implementation leaks physical information about their internal secrets. Because of their efficiency and usability on a wide range of platforms, solutions based on symmetric primitives (such as block ciphers) are particularly attractive in this context. So far, the literature… (More)

We propose a leakage-resilient signature scheme in the continual leakage model that is based on a well-known identity-based en-cryption scheme by Boneh and Boyen (Eurocrypt 2004). The proposed signature scheme is the most ecient among the existing schemes that allow for continual leakage. Its eciency is close to that of non leakage-resilient pairing-based… (More)

We describe a new technique for evaluating polynomials over binary finite fields. This is useful in the context of anti-DPA countermeasures when an S-box is expressed as a polynomial over a binary finite field. For $$n$$ n -bit S-boxes, our new technique has heuristic complexity $${\fancyscript{O}}(2^{n/2}/\sqrt{n})$$ O ( 2 n / 2 / n ) instead of… (More)

Masking is a well-known technique used to prevent block cipher implementations from side-channel attacks. Higher-order side channel attacks (e.g. higher-order DPA attack) on widely used block cipher like AES have motivated the design of efficient higher-order masking schemes. Indeed, it is known that as the masking order increases, the difficulty of… (More)

Recently it was conjectured that an ElGamal-based public-key encryption scheme with stateful decryption resists lunch-time chosen ciphertext and leakage attacks in the only computation leaks information model. We give a non-trivial upper bound on the amount of leakage tolerated by this conjecture. More precisely, we prove that the conjecture does not hold… (More)

- Srinivas Vivek, Shankar B R
- 2009

—The integer complexity of a positive integer n, denoted f (n), is defined as the least number of 1's required to represent n, using only 1's, the addition and multiplication operators, and the parentheses. The running time of the algorithm currently used to compute f (n) is Θ(n 2). In this paper we present an algorithm with Θ(n log 2 3) as its running… (More)

Leakage-resilient cryptography aims to extend the rigorous guarantees achieved through the provable security paradigm to physical implementations. The constructions and mechanisms designed on basis of this new approach inevitably suffer from an Achilles heel: a bounded leakage assumption is needed. Currently, a huge gap exists between the theory of such… (More)

Leakage-resilient cryptography aims at capturing side-channel attacks within the provable security framework. Currently there exists a plethora of schemes with provably secure guarantees against a variety of side-channel attacks. However, meeting the strongest security levels (resilience against continual leakage attacks) under the weakest assumptions leads… (More)

Leakage-resilient cryptography aims to extend the rigorous guarantees achieved through the provable security paradigm to physical implementations. The constructions designed on basis of this new approach inevitably suffer from an Achilles heel: a bounded leakage assumption is needed. Currently, a huge gap exists between the theory of such designs and their… (More)