On Provable Security of wPRF-Based Leakage-Resilient Stream Ciphers

Published: 01 Jan 2015, Last Modified: 03 Jul 2024. Venue: ProvSec 2015. License: CC BY-SA 4.0
Abstract: Weak pseudorandom functions (wPRFs) have found an important application as the main building block of leakage-resilient stream ciphers (EUROCRYPT’09 and later works). Several security bounds, based on different techniques and different assumptions, have been given for these ciphers. The aim of this paper is twofold. First, we present a clear comparison of the quantitatively different security bounds in the literature, obtained by means of time-to-success ratio analysis. Second, we revisit the current proof techniques and answer the natural question of how far we are from meaningful and provable security guarantees when weak PRFs are instantiated with standard primitives (block ciphers or hash functions). In particular, we attempt to fix some flaws in the recent analysis of the EUROCRYPT’09 stream cipher (TCC’14), applying new proof techniques to the problem of simulating auxiliary inputs. For one bit of leakage, we achieve for the first time a meaningful security level of 60 bits when the cipher is built on AES.
