A Leakage-Resilient Certificateless Authenticated Key Exchange Protocol Withstanding Side-Channel Attacks

Certificateless public-key cryptography has conquered both the certificate management problem in the traditional public-key cryptography and the key escrow problem in the ID-based public-key cryptography. Certificateless authenticated key exchange (CLAKE) protocol is an important primitive of the certificateless public-key cryptography. A CLAKE protocol is employed to provide both mutual authentication and establishing a session key between two participators. Indeed, all conventional public-key cryptographies have encountered a new kind of attack, named "side-channel attacks". Fortunately, leakage-resilient cryptography is a flexible approach to withstand such attacks. However, the design of leakage-resilient CLAKE (LR-CLAKE) protocols is not studied. In the article, by extending the well-known extended-Canetti-Krawczyk (eCK) model, we present the security notions (adversary model) of LR-CLAKE protocols, called continual-leakage-resilient eCK (CLReCK) model. The first LR-CLAKE protocol withstanding side-channel attacks is proposed. By employing the proof technique of the generic bilinear group (GBG) model, we formally prove the security of our protocol in the CLReCK model.