In recent years much research has been devoted to producing formal models of security for cryptographic primitives and to designing schemes that can be proved secure in such models. This line of research typically assumes that an adversary is given black-box access to a cryptographic mechanism that uses some secret key. One then proves that this black-box access does not help the adversary to achieve its task. An increasingly popular environment for cryptographic implementation is the smart-card. In such an environment a definition of security that provides an adversary with only black-box access to the cryptography under attack may be unrealistic. This is illustrated by attacks such as the power-analysis methods proposed by Kocher and others. In this paper we attempt to formally define a set of necessary conditions on an implementation of a cryptosystem so that security against an adversary with black-box access is preserved in a more hostile environment such as the smart-card. Unlike t...
Alexander W. Dent, John Malone-Lee