Leakage-Resilient Non-interactive Key Exchange in the Continuous-Memory Leakage Setting

  • Suvradip Chakraborty
  • Janaka Alawatugoda
  • C. Pandu Rangan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10592)


Recently, Chakraborty et al. (Cryptoeprint:2017:441) showed a novel approach of constructing several leakage-resilient cryptographic primitives by introducing a new primitive called leakage-resilient non-interactive key exchange (LR-NIKE). Their construction of LR-NIKE was only in the bounded-memory leakage model, and they left open the construction of LR-NIKE in continuous-memory leakage model. In this paper we address that open problem. Moreover, we extend the continuous-memory leakage model by addressing more realistic after-the-fact leakage. The main ingredients of our construction are a leakage-resilient storage scheme and a refreshing protocol (Dziembowski and Faust, Asiacrypt 2011) and a (standard) chameleon hash function (CHF), equipped with an additional property of oblivious sampling, which we introduce. We observe that the present constructions of CHF already satisfies our new notion. Further, our protocol can be used as a building block to construct leakage-resilient public-key encryption schemes, interactive key exchange and low-latency key exchange protocols in the continuous-memory leakage model, following the approach of Chakraborty et al. (Cryptoeprint:2017:441).


Leakage-resilient Key exchange protocols After-the-fact leakage Continuous-memory leakage 



The work was initiated when the first and second authors were visiting IACR-SEAMS workshop on “Cryptography: Foundations and New Directions” at VAISM, Vietnam in the winter of 2016. The work is partially supported by Project No. CCE/CEP/22/VK&CP/CSE/14-15 on Information Security & Awareness (ISEA) Phase-II by Ministry of Electronics & Information Technology, Government of India. Janaka Alawatugoda acknowledges the grant NRC 16-020 of National Research Council, Sri Lanka.


  1. 1.
    Akavia, A., Goldwasser, S., Vaikuntanathan, V.: Simultaneous hardcore bits and cryptography against memory attacks. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 474–495. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-00457-5_28 CrossRefGoogle Scholar
  2. 2.
    Alawatugoda, J., Boyd, C., Stebila, D.: Continuous after-the-fact leakage-resilient key exchange. In: Susilo, W., Mu, Y. (eds.) ACISP 2014. LNCS, vol. 8544, pp. 258–273. Springer, Cham (2014). doi: 10.1007/978-3-319-08344-5_17 Google Scholar
  3. 3.
    Alawatugoda, J., Stebila, D., Boyd, C.: Modelling after-the-fact leakage for key exchange. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, pp. 207–216. ACM (2014)Google Scholar
  4. 4.
    Alawatugoda, J., Stebila, D., Boyd, C.: Continuous after-the-fact leakage-resilient eCK-secure key exchange. In: Groth, J. (ed.) IMACC 2015. LNCS, vol. 9496, pp. 277–294. Springer, Cham (2015). doi: 10.1007/978-3-319-27239-9_17 CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994). doi: 10.1007/3-540-48329-2_21 CrossRefGoogle Scholar
  6. 6.
    Brakerski, Z., Kalai, Y.T., Katz, J., Vaikuntanathan, V.: Overcoming the hole in the bucket: public-key cryptography resilient to continual memory leakage. IACR Cryptology ePrint Archive, Report 2010/278 (2010)Google Scholar
  7. 7.
    Brumley, D., Boneh, D.: Remote timing attacks are practical. In: USENIX Security Symposium, pp. 1–14 (2003)Google Scholar
  8. 8.
    Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001). doi: 10.1007/3-540-44987-6_28 CrossRefGoogle Scholar
  9. 9.
    Chakraborty, S., Janaka Alawatugoda, C., Rangan, P.: New approach to practical leakage-resilient public-key cryptography. Cryptology ePrint Archive, Report 2017/441 (2017).
  10. 10.
    Chakraborty, S., Paul, G., Rangan, C.P.: Efficient compilers for after-the-fact leakage: from CPA to CCA-2 secure PKE to AKE. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10342, pp. 343–362. Springer, Cham (2017). doi: 10.1007/978-3-319-60055-0_18 CrossRefGoogle Scholar
  11. 11.
    Chen, R., Mu, Y., Yang, G., Susilo, W., Guo, F.: Strongly leakage-resilient authenticated key exchange. In: Sako, K. (ed.) CT-RSA 2016. LNCS, vol. 9610, pp. 19–36. Springer, Cham (2016). doi: 10.1007/978-3-319-29485-8_2 CrossRefGoogle Scholar
  12. 12.
    Chow, S.S.M., Dodis, Y., Rouselakis, Y., Waters, B.: Practical leakage-resilient identity-based encryption from simple assumptions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 152–161. ACM (2010)Google Scholar
  13. 13.
    Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Cryptography against continuous memory attacks. In: 2010 51st Annual IEEE Symposium on Foundations of Computer Science (FOCS), pp. 511–520. IEEE (2010)Google Scholar
  14. 14.
    Dodis, Y., Kalai, Y.T., Lovett, S.: On cryptography with auxiliary input. In: STOC, pp. 621–630 (2009)Google Scholar
  15. 15.
    Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1), 97–139 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  16. 16.
    Dodis, Y., Pietrzak, K.: Leakage-resilient pseudorandom functions and side-channel attacks on feistel networks. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 21–40. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-14623-7_2 CrossRefGoogle Scholar
  17. 17.
    Döttling, N., Garg, S.: Identity-based encryption from the diffie-hellman assumption. Cryptology ePrint Archive, Report 2017/543 (2017).
  18. 18.
    Dziembowski, S., Faust, S.: Leakage-resilient cryptography from the inner-product extractor. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 702–721. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-25385-0_38 CrossRefGoogle Scholar
  19. 19.
    Dziembowski, S., Pietrzak, K.: Leakage-resilient cryptography. In: IEEE 49th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2008, pp. 293–302. IEEE (2008)Google Scholar
  20. 20.
    Faonio, A., Nielsen, J.B., Venturi, D.: Mind your coins: fully leakage-resilient signatures with graceful degradation. In: Halldórsson, M.M., Iwama, K., Kobayashi, N., Speckmann, B. (eds.) ICALP 2015. LNCS, vol. 9134, pp. 456–468. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-47672-7_37 CrossRefGoogle Scholar
  21. 21.
    Freire, E.S.V., Hofheinz, D., Kiltz, E., Paterson, K.G.: Non-interactive key exchange. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 254–271. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36362-7_17 CrossRefGoogle Scholar
  22. 22.
    Galindo, D.: Boneh-Franklin identity based encryption revisited. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 791–802. Springer, Heidelberg (2005). doi: 10.1007/11523468_64 CrossRefGoogle Scholar
  23. 23.
    Halevi, S., Lin, H.: After-the-fact leakage in public-key encryption. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 107–124. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-19571-6_8 CrossRefGoogle Scholar
  24. 24.
    Hutter, M., Mangard, S., Feldhofer, M.: Power and EM attacks on passive 13.56MHz RFID devices. In: CHES, pp. 320–333 (2007)Google Scholar
  25. 25.
    Katz, J., Vaikuntanathan, V.: Signature schemes with bounded leakage resilience. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 703–720. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-10366-7_41 CrossRefGoogle Scholar
  26. 26.
    Kiltz, E., Pietrzak, K.: Leakage resilient elgamal encryption. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 595–612. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-17373-8_34 CrossRefGoogle Scholar
  27. 27.
    LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 1–16. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-75670-5_1 CrossRefGoogle Scholar
  28. 28.
    Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)MathSciNetCrossRefGoogle Scholar
  29. 29.
    Micali, S., Reyzin, L.: Physically observable cryptography (extended abstract). In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 278–296. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-24638-1_16 CrossRefGoogle Scholar
  30. 30.
    Naor, M., Segev, G.: Public-key cryptosystems resilient to key leakage. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 18–35. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-03356-8_2 CrossRefGoogle Scholar
  31. 31.
    Petit, C., Standaert, F.-X., Pereira, O., Malkin, T.G., Yung, M.: A block cipher based pseudo random number generator secure against side-channel key recovery. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, pp. 56–65. ACM (2008)Google Scholar
  32. 32.
    Pietrzak, K.: A leakage-resilient mode of operation. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 462–482. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-01001-9_27 CrossRefGoogle Scholar
  33. 33.
    Shoup, V.: Oaep reconsidered. J. Cryptol. 15(4), 223–249 (2002)MathSciNetCrossRefzbMATHGoogle Scholar
  34. 34.
    Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. IACR Cryptology EPrint Archive, 2004:332 (2004)Google Scholar
  35. 35.
    Yuen, T.H., Chow, S.S.M., Zhang, Y., Yiu, S.M.: Identity-based encryption resilient to continual auxiliary leakage. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 117–134. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29011-4_9 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Suvradip Chakraborty
    • 1
  • Janaka Alawatugoda
    • 2
  • C. Pandu Rangan
    • 1
  1. 1.Department of Computer Science and EngineeringIndian Institute of Technology MadrasChennaiIndia
  2. 2.Department of Computer EngineeringUniversity of PeradeniyaPeradeniyaSri Lanka

Personalised recommendations