Advertisement

Key Insulation and Intrusion Resilience over a Public Channel

  • Mihir Bellare
  • Shanshan Duan
  • Adriana Palacio
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5473)

Abstract

Key insulation (KI) and Intrusion resilience (IR) are methods to protect a user’s key against exposure by utilizing periodic communications with an auxiliary helper. But existing work assumes a secure channel between user and helper. If we want to realize KI or IR in practice we must realize this secure channel. This paper looks at the question of how to do this when the communication is over what we are more likely to have in practice, namely a public channel such as the Internet or a wireless network. We explain why this problem is not trivial, introduce models and definitions that capture the desired security in a public channel setting, and provide a complete (and surprising) answer to the question of when KI and IR are possible over a public channel. The information we provide is important to guide practitioners with regard to the usage of KI and IR and also to guide future research in this area.

Keywords

Signature Scheme Active Attack Secure Channel Public Channel Interactive Algorithm 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Anderson, R.: Two Remarks on Public-Key Cryptology. In: 2000, and Invited Lecture at the Fourth Annual Conference on Computer and Communications Security, Zurich, Switzerland (April 1997) (manuscript)Google Scholar
  2. 2.
    Bellare, M., Miner, S.K.: A forward-secure digital signature scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 431. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Duan, S., Palacio, A.: Key Insulation and Intrusion Resilience Over a Public Channel. IACR Eprint Archive (2009)Google Scholar
  4. 4.
    Bellare, M., Palacio, A.: Protecting against Key Exposure: Strongly Key-Insulated Encryption with Optimal Threshold. Applicable Algebra in Engineering, Communication and Computing 16(6), 379–396 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    Bellare, M., Rogaway, P.: Authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  6. 6.
    Bellare, M., Rogaway, P.: The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 409–426. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. 7.
    Bellare, M., Yee, B.S.: Forward-security in private-key cryptography. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 1–18. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation. In: Proceedings of the 30th Annual Symposium on the Theory of Computing. ACM, New York (1998)Google Scholar
  9. 9.
    Canetti, R., Feige, U., Goldreich, O., Naor, M.: Adaptively Secure Multi- Party Computation. In: Proceedings of the 28th Annual Symposium on the Theory of Computing. ACM, New York (1996)Google Scholar
  10. 10.
    Canetti, R., Halevi, S., Katz, J.: A Forward-Secure Public-Key Encryption Scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656. Springer, Heidelberg (2003)Google Scholar
  11. 11.
    Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, p. 453. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  12. 12.
    Canetti, R., Krawczyk, H.: Universally Composable Notions of Key Exchange and Secure Channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, p. 337. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  13. 13.
    Dodis, Y., Franklin, M., Katz, J., Miyaji, A., Yung, M.: Intrusion-Resilient Public-Key Encryption. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 19–32. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  14. 14.
    Dodis, Y., Franklin, M., Katz, J., Miyaji, A., Yung, M.: A Generic Construction for Intrusion-Resilient Public-Key Encryption. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 81–98. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  15. 15.
    Dodis, Y., Katz, J., Xu, S., Yung, M.: Key-Insulated Public Key Cryptosystems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, p. 65. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  16. 16.
    Dodis, Y., Katz, J., Xu, S., Yung, M.: Strong Key-Insulated Signature Schemes. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 130–144. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  17. 17.
    Dwork, C., Naor, M., Reingold, O., Stockmeyer, L.: Magic Functions. In: Proceedings of the 40th Symposium on Foundations of Computer Science. IEEE, Los Alamitos (1999)Google Scholar
  18. 18.
    Hanaoka, G., Hanaoka, Y., Imai, H.: Parallel Key-Insulated Public Key Encryption. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 105–122. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  19. 19.
    Hanaoka, Y., Hanaoka, G., Shikata, J., Imai, H.: Identity-based Heirarchical Strongly Key-Insulated Encryption and its Application. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 495–514. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  20. 20.
    Itkis, G., Reyzin, L.: SiBIR: Signer-Base -Resilient Signatures. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 499. Springer, Heidelberg (2002)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Mihir Bellare
    • 1
  • Shanshan Duan
    • 2
  • Adriana Palacio
    • 3
  1. 1.Dept.of Computer Science & EngineeringUniversity of CaliforniaSan DiegoUSA
  2. 2.Dept.of Computer Science & EngineeringUniversity of CaliforniaSan DiegoUSA
  3. 3.Computer Science DepartmentBowdoin CollegeUSA

Personalised recommendations