[Resource Topic] 2016/996: Leakage-Resilient and Misuse-Resistant Authenticated Encryption

Welcome to the resource topic for 2016/996

Title:
Leakage-Resilient and Misuse-Resistant Authenticated Encryption

Authors: Francesco Berti, François Koeune, Olivier Pereira, Thomas Peters, François-Xavier Standaert

Abstract:

Leakage-resilience and misuse-resistance are two important properties for the deployment of authenticated encryption schemes. They aim at mitigating the impact of implementation flaws due to side-channel leakages and misused randomness. In this paper, we discuss their interactions and incompatibilities. For this purpose, we first show a generic composition mode of a MAC with an encryption scheme that leads to a misuse-resistant authenticated encryption scheme, and also show that misuse-resistance does not hold anymore in the presence of leakages, even when relying on leakage-resilient MACs and encryption schemes. Next, we argue that full misuse-resistance with leakage may be impossible to achieve with simple primitives such as hash functions and block ciphers. As a result, we formalize a new security notion of ciphertext integrity with misuse and leakage, which seems to be the best that can be achieved in a symmetric cryptographic setting, and describe first efficient constructions satisfying it.

ePrint: https://eprint.iacr.org/2016/996

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .