dc.contributor.author | Rothblum, Guy N. | |
dc.contributor.author | Goldwasser, Shafrira | |
dc.date.accessioned | 2018-05-17T18:42:43Z | |
dc.date.available | 2018-05-17T18:42:43Z | |
dc.date.issued | 2015-10 | |
dc.date.submitted | 2013-08 | |
dc.identifier.issn | 0097-5397 | |
dc.identifier.issn | 1095-7111 | |
dc.identifier.uri | http://hdl.handle.net/1721.1/115437 | |
dc.description.abstract | We address the following problem: how to execute any algorithm P, for an unbounded number of executions, in the presence of an adversary who observes partial information on the internal state of the computation during executions. The security guarantee is that the adversary learns nothing, beyond P's input-output behavior. Our main result is a compiler, which takes as input an algorithm P and a security parameter κ and produces a functionally equivalent algorithm P′. The running time of P′ is a factor of poly(κ) slower than P. P′ will be composed of a series of calls to poly(κ)-time computable subalgorithms. During the executions of P′, an adversary algorithm A, which can choose the inputs of P′, can learn the results of adaptively chosen leakage functions (each of bounded output size ∼θ(κ)) on the subalgorithms of P′ and the randomness they use. We prove that any computationally unbounded A observing the results of computationally unbounded leakage functions will learn no more from its observations than it could given black-box access only to the input-output behavior of P. Unlike all prior work on this question, this result does not rely on any secure hardware components and is unconditional. Namely, it holds even if P = NP. | en_US |
dc.publisher | Society for Industrial & Applied Mathematics (SIAM) | en_US |
dc.relation.isversionof | http://dx.doi.org/10.1137/130931461 | en_US |
dc.rights | Article is made available in accordance with the publisher's policy and may be subject to US copyright law. Please refer to the publisher's site for terms of use. | en_US |
dc.source | SIAM | en_US |
dc.title | How to Compute in the Presence of Leakage | en_US |
dc.type | Article | en_US |
dc.identifier.citation | Goldwasser, Shafi and Guy N. Rothblum. “How to Compute in the Presence of Leakage.” SIAM Journal on Computing 44, 5 (January 2015): 1480–1549 © 2015 Society for Industrial and Applied Mathematics | en_US |
dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | en_US |
dc.contributor.mitauthor | Goldwasser, Shafrira | |
dc.relation.journal | SIAM Journal on Computing | en_US |
dc.eprint.version | Final published version | en_US |
dc.type.uri | http://purl.org/eprint/type/JournalArticle | en_US |
eprint.status | http://purl.org/eprint/status/PeerReviewed | en_US |
dc.date.updated | 2018-05-10T16:35:22Z | |
dspace.orderedauthors | Goldwasser, Shafi; Rothblum, Guy N. | en_US |
dspace.embargo.terms | N | en_US |
dc.identifier.orcid | https://orcid.org/0000-0003-4728-1535 | |
mit.license | PUBLISHER_POLICY | en_US |