We study the question of achieving cryptographic security on
devices that leak information about their internal secret state to an
external attacker.This study is motivated by the prevalence of
side-channel attacks, where
the physical characteristics of a computation (e.g. timing,
temperature, radiation, acoustics, etc.) can be measured, and may
information about the internal state of a device. Since some such
inevitably present in almost any physical implementation, we believe
problem cannot just be addressed by physical countermeasures alone.
should already be taken into account when designing the mathematical
specification of cryptographic primitives and included in the formal
study of their security.
In this thesis, we propose a new formal framework for modeling the leakage available to an attacker. This framework, called the continual leakage model, assumes that an attacker can continually learn arbitrary information about the internal secret state of a cryptographic scheme at any point in time, subject only to the constraint that the rate of leakage is bounded. More precisely, our model assumes some abstract notion of time periods. In each such period, the attacker can choose to learn arbitrary functions of the current secret state of the scheme, as long as the number of output bits leaked is not too large. In our solutions, cryptographic schemes will continually update their internal secret state at the end of each time period. This will ensure that leakage observed in di erent time periods cannot be meaningfully combined to break the security of the cryptosystem. Although these updates modify the secret state of the cryptosystem, the desired functionality of the scheme is preserved, and the users can remain oblivious to these updates. We construct signatures, encryption, and secret sharing/storage schemes in this model.