Cryptographic Hardware and Embedded Systems - CHES 2009

Volume 5747 of the series Lecture Notes in Computer Science pp 411-428

On Tamper-Resistance from a Theoretical Viewpoint

The Power of Seals
  • Paulo MateusAffiliated withSQIG /Instituto de Telecomunicações - IST/TULisbon
  • , Serge VaudenayAffiliated withEPFL


Tamper-proof devices are pretty powerful. They can be used to have better security in applications. In this work we observe that they can also be maliciously used in order to defeat some common privacy protection mechanisms. We propose the theoretical model of trusted agent to formalize the notion of programmable secure hardware. We show that protocols not using tamper-proof devices are not deniable if malicious verifiers can use trusted agents. In a strong key registration model, deniability can be restored, but only at the price of using key escrow. As an application, we show how to break invisibility in undeniable signatures, how to sell votes in voting schemes, how to break anonymity in group/ring signatures, and how to carry on the Mafia fraud in non-transferable protocols. We conclude by observing that the ability to put boundaries in computing devices prevents from providing full control on how private information spreads: the concept of sealing a device is in some sense incompatible with privacy.