For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Information Leakage Measurement in a Distributed Computation Protocol
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Publication Date: 1995/01/25
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
server-aided secure computation, RSA, information theory, security, cryptography,
Full Text: PDF(519.1KB)>>
This paper deals with the information leakage measurement in a distributed computation protocol called SASC. The SASC protocol is a kind of two-party protocol between a client and a server. The computation for RSA cryptosystem is the target of this paper. This paper shows that a secure RSA-SASC protocol proposed recently could be changed to be insecure if the client which has secret information were to complain about the computation result. This paper first clarifies how to measure the information amount which leaks through the protocol. It, then, shows an attack procedure to make use of the client's complaint. Effectiveness of the attack procedure is measured by the information theoretic measure. By using the same measure, it is shown that some attacks do not work to derive the client's secret. It is also shown that a practical countermeasure to limit the number of incorrect computation allowed is effctive to limit the leakage of the secret information to some reasonable extent.