Seny Kamara and Jonathan Katz
Chosen-plaintext attacks on private-key encryption schemes
are currently modeled by giving an adversary access to an oracle that
encrypts a given message m using random coins that are generated uniformly
at random and independently of anything else. This leaves open
the possibility of attacks in case the random coins are poorly generated
(e.g., using a faulty random number generator), or are under partial adversarial
control (e.g., when encryption is done by lightweight devices
that may be captured and tampered with).
We introduce new notions of security modeling such attacks, propose two
concrete schemes meeting our definitions, and show generic transformations
for achieving security in this context.
|Published in||IACR workshop on Fast Software Encryption (FSE '08)|
|Series||Lecture Notes in Computer Science|
All copyrights reserved by Springer 2007.