In real world, in order to transform an abstract and generic cryptographic scheme into actual physical implementation, one usually undergoes two processes: mathematical realization at algorithmic level and physical realization at implementation level. In the former process, the abstract and generic cryptographic scheme is being transformed into an exact and specific mathematical scheme, while in the latter process the output of mathematical realization is being transformed into a physical cryptographic module runs as a piece of software, or hardware, or combination of both. It is well known that the process of generating random numbers can be mathematically realized with Pseudorandom Number Generator (PRNG) for cryptographic schemes in traditional leakage-free context
without affecting their practical security of mathematical realization. However, it is unknown that whether one can use PRNG to mathematically realize this process for leakage resilient cryptographic schemes without affecting practical security of mathematical realization.
Our results show that if one directly uses PRNG to mathematically realize this process, some leakage resilient cryptographic schemes may not be practical secure any more. Furthermore, we give out a suggested way to mathematically realize this process with exponentially hard PRNG and extractor without affecting practical security of mathematical realization of a leakage resilient scheme. Our results show the big gap between theoretical security of leakage resilient cryptographic scheme and practical security of mathematical realization of the same scheme when the process of generating random numbers is mathematically realized by PRNG.
↧