TY - GEN
T1 - Leakage-tolerant interactive protocols
AU - Bitansky, Nir
AU - Canetti, Ran
AU - Halevi, Shai
PY - 2012
Y1 - 2012
N2 - We put forth a framework for expressing security requirements from interactive protocols in the presence of arbitrary leakage. The framework allows capturing different levels of leakage-tolerance of protocols, namely the preservation (or degradation) of security, under coordinated attacks that include various forms of leakage from the secret states of participating components. The framework extends the universally composable (UC) security framework. We also prove a variant of the UC theorem that enables modular design and analysis of protocols even in face of general, non-modular leakage. We then construct leakage-tolerant protocols for basic tasks, such as secure message transmission, message authentication, commitment, oblivious transfer and zero-knowledge. A central component in several of our constructions is the observation that resilience to adaptive party corruptions (in some strong sense) implies leakage-tolerance in an essentially optimal way.
AB - We put forth a framework for expressing security requirements from interactive protocols in the presence of arbitrary leakage. The framework allows capturing different levels of leakage-tolerance of protocols, namely the preservation (or degradation) of security, under coordinated attacks that include various forms of leakage from the secret states of participating components. The framework extends the universally composable (UC) security framework. We also prove a variant of the UC theorem that enables modular design and analysis of protocols even in face of general, non-modular leakage. We then construct leakage-tolerant protocols for basic tasks, such as secure message transmission, message authentication, commitment, oblivious transfer and zero-knowledge. A central component in several of our constructions is the observation that resilience to adaptive party corruptions (in some strong sense) implies leakage-tolerance in an essentially optimal way.
UR - http://www.scopus.com/inward/record.url?scp=84858329133&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-28914-9_15
DO - 10.1007/978-3-642-28914-9_15
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84858329133
SN - 9783642289132
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 266
EP - 284
BT - Theory of Cryptography - 9th Theory of Cryptography Conference, TCC 2012, Proceedings
T2 - 9th Theory of Cryptography Conference, TCC 2012
Y2 - 19 March 2012 through 21 March 2012
ER -