A countermeasure against cryptographic key leakage in cloud: public-key encryption with continuous leakage and tampering resilience

Public-key encryption is an important security mechanism used in cloud environment. To ensure the confidentiality of data encrypted using public-key encryption, countermeasures against cryptographic key leakage by side-channel attacks should be applied to the encryption scheme implemented both in locality and in cloud server. Traditional public-key encryption does not capture side-channel attacks. Moreover, the adversary can inject fault to tamper with the secret key and observe the output of the public-key encryption scheme under this modified key which is called “tampering attack”. In this paper, we present two continuous leakage and tampering resilient CCA secure public-key encryption schemes. For implementations of our schemes during the key update, bounded number of tampering queries for arbitrary key relations and bounded leakage is allowed. By updating the secret key, our schemes are secure against continuous leakage and tampering attacks.