In recent years, there has been a major effort to design cryptographic schemes that remain secure even if part of the secret key is leaked. This is due to a recent proliferation of side channel attacks which, through various physical means, can recover part of the secret key. We explore the possibility of achieving security even with continual leakage, i.e., even if some information is leaked e...

Verifiable Secret Sharing (VSS) guarantees that honest parties reconstruct a consistent secret even in the presence of a malicious dealer that distributes invalid shares. We empower the dishonest dealer and consider the case when he subliminally leaks information in valid shares, allowing an adversary to access the secret prior to the reconstruction phase. We define the concept of Dealer-Leakag...

Authenticated Key Establishment (AKE) protocols enable two entities, say a client (or a user) and a server, to share common session keys in an authentic way. In this paper, we review AKE protocols from a little bit different point of view, i.e. the relationship between information a client needs to possess (for authentication) and immunity to the respective leakage of stored secrets from a clie...

We construct a stream-cipher S whose implementation is secure even if arbitrary (adversely chosen) information on the internal state of S is leaked during computation. This captures all possible side-channel attacks on S where the amount of information leaked in a given period is bounded, but overall can be arbitrary large, in particular much larger than the internal state of S. The only other ...

We construct identity-based encryption (IBE) and inner product encryption (IPE) schemes under the decision linear (DLIN) or symmetric external Diffie-Hellman (SXDH) assumptions. Their private user keys are leakage-resilient in several scenarios. In particular, • In the bounded memory leakage model (Akavia et al., TCC ’09), our basic schemes reach the maximum-possible leakage rate 1− o(1). • In ...

Memory corruption vulnerabilities not only allow modification of control data and injection of malicious payloads; they also allow adversaries to reconnoiter a diversified program, customize a payload, and ultimately bypass code randomization defenses. In response, researchers have proposed and built various leakage-resilient defenses against code reuse. Leakage-resilient defenses use memory pr...

Leakage resilience and black-box impossibility results in cryptography Ali Juma Doctor of Philosophy Graduate Department of Computer Science University of Toronto 2011 In this thesis, we present constructions of leakage-resilient cryptographic primitives, and we give black-box impossibility results for certain classes of constructions of pseudo-random