[Resource Topic] 2014/517: On the Connection between Leakage Tolerance and Adaptive Security

Welcome to the resource topic for 2014/517

Title:
On the Connection between Leakage Tolerance and Adaptive Security

Authors: Jesper Buus Nielsen, Daniele Venturi, Angela Zottarel

Abstract:

We revisit the context of leakage-tolerant interactive protocols as defined by Bitansky, Canetti and Halevi (TCC 2012). Our contributions can be summarized as follows:

- For the purpose of secure message transmission, any encryption protocol with message space $\mathcal{M}$ and secret key space $\mathcal{SK}$ tolerating poly-logarithmic leakage on the secret state of the receiver must satisfy $|\mathcal{SK}| \ge (1-\epsilon)|\mathcal{M}|$, for every $0 < \epsilon \le 1$, and if $|\mathcal{SK}| = |\mathcal{M}|$, then the scheme must use a fresh key pair to encrypt each message.
- More generally, we show that any $n$-party protocol tolerates leakage of $\approx \mathrm{poly}(\log \spar)$ bits from one party at the end of the protocol execution, *if and only if* the protocol has passive adaptive security against an adaptive corruption of one party at the end of the protocol execution. This shows that as soon as a little leakage is tolerated, one needs full adaptive security.

All our results can be based on the only assumption that collision-resistant function ensembles exist.

ePrint: https://eprint.iacr.org/2014/517


Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics.