Skip to content

Implementation of a leakage-resilient ElGamal key encapsulation mechanism

Research output: Contribution to journalArticle

  • David Galindo
  • Johann Großschädl
  • Zhe Liu
  • Praveen Kumar Vadnala
  • Srinivas Vivek
Original languageEnglish
Pages (from-to)229-238
Number of pages10
JournalJournal of Cryptographic Engineering
Volume6
Issue number3
Early online date29 Feb 2016
DOIs
DateAccepted/In press - 6 Feb 2016
DateE-pub ahead of print - 29 Feb 2016
DatePublished (current) - Sep 2016

Abstract

Leakage-resilient cryptography aims to extend the rigorous guarantees achieved through the provable security paradigm to physical implementations. The constructions designed on basis of this new approach inevitably suffer from an Achilles heel: a bounded leakage assumption is needed. Currently, a huge gap exists between the theory of such designs and their implementation to confirm the leakage resilience in practice. The present work tries to narrow this gap for the leakage-resilient bilinear ElGamal key encapsulation mechanism (BEG-KEM) proposed by Kiltz and Pietrzak in 2010. Our first contribution is a variant of the bounded leakage and the only-computation-leaks model that is closer to practice. We weaken the restriction on the image size of the leakage functions in these models and only insist that the inputs to the leakage functions have sufficient min-entropy left, in spite of the leakage, with no limitation on the quantity of this leakage. We provide a novel security reduction for BEG-KEM in this relaxed leakage model using the generic bilinear group axiom. Secondly, we show that a naive implementation of the exponentiation in BEG-KEM makes it impossible to meet the leakage bound. Instead of trying to find an exponentiation algorithm that meets the leakage axiom (which is a non-trivial problem in practice), we propose an advanced scheme, BEG-KEM+, that avoids exponentiation by a secret value, but rather uses an encoding into the base group due to Fouque and Tibouchi. Thirdly, we present a software implementation of BEG-KEM+ based on the Miracl library and provide detailed experimental results. We also assess its (theoretical) resistance against power analysis attacks from a practical perspective, taking into account the state-of-the-art in side-channel cryptanalysis.

    Research areas

  • Secure implementation, Side-channel cryptanalysis, Leakage-resilient cryptography, Security proof, Public-key encryption, Pairings

Documents

Links

DOI

View research connections

Related faculties, schools or groups