Intrusion-Resilient Secure Channels

(Extended Abstract)
  • Gene Itkis
  • Robert McNerney Jr.
  • Scott Russell
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3531)


We propose a new secure communication primitive called an Intrusion-Resilient Channel (IRC) that limits the damage resulting from key exposures and facilitates recovery. We define security against passive but mobile and highly adaptive adversaries capable of exposing even expired secrets. We describe an intuitive channel construction using (as a black box) existing public key cryptosystems. The simplicity of the construction belies the technical challenges in its security proof.

Additionally, we outline a general strategy for proving enhanced security for two-party protocols when an IRC is employed to secure all communication. Specifically, given a protocol proven secure against adversaries with restricted access to protocol messages, we show how the use of an IRC allows some of these adversary restrictions to be lifted. Once again, proving the efficacy of our intuitive approach turns out to be non-trivial. We demonstrate the strategy by showing that the intrusion-resilient signature scheme of [IR02] can be made secure against adversaries that expose even expired secrets.




  1. [And97]
    Shoup, V.: On formal models for secure key exchange. Research Report RZ 3120 (#93166), IBM Research (April 1999). A revised version 4, dated November 15, 1999, is available from
  2. [And02]
    Anderson, R.: Two remarks on public key cryptology. Technical Report UCAM-CL-TR-549, University of Cambridge, Computer Laboratory (December 2002)
  3. [BBDP01]
    Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, p. 566. Springer, Heidelberg (2001)
  4. [BCK98]
    Bellare, M., Canetti, R., Krawczyk, H.: A modular approach to the design and analysis of authentication and key exchange protocols (extended abstract). In: Proceedings of the Thirtieth Annual ACM Symposium on Theory of Computing, Dallas, Texas, May 23-26. ACM (1998)
  5. [BDPR98]
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)
  6. [BH93]
    Beaver, D., Haber, S.: Cryptographic protocols provably secure against dynamic adversaries. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 307–323. Springer, Heidelberg (1993)
  7. [BHNS99]
    Barak, B., Herzberg, A., Naor, D., Shai, E.: The proactive security toolkit and applications. In: Tsudik, G. (ed.) Proceedings of the 5th ACM Conference on Computer and Communications Security, Singapore, November 1999, pp. 18–27. ACM Press, New York (1999)
  8. [BM99]
    Bellare, M., Miner, S.K.: A forward-secure digital signature scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 431–448. Springer, Heidelberg (1999). Revised version is available from
  9. [BR94]
    Bellare, M., Rogaway, P.: Entity authentication and key distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 232–249. Springer, Heidelberg (1994)
  10. [Can01]
    Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: 42nd Annual Symposium on Foundations of Computer Science, New York, October 2001, pp. 136–145. IEEE, Los Alamitos (2001)
  11. [CCS97]
    Fourth ACM Conference on Computer and Communication Security, April 1-4. ACM, New York (1997)
  12. [CHH00]
    Canetti, R., Halevi, S., Herzberg, A.: Maintaining authenticated communication in the presence of break-ins. Journal of Cryptology 13(1), 61–105 (2000)
  13. [CK01]
    Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 451–472. Springer, Heidelberg (2001)
  14. [CK02]
    Canetti, R., Krawczyk, H.: Universally composable notions of key exchange and secure channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)
  15. [Des97]
    Desmedt, Y.: Some recent research aspects of threshold cryptography. In: Proc. 1st International Information Security Workshop, pp. 158–173 (1997)
  16. [DFK+03]
    Dodis, Y., Franklin, M., Katz, J., Miyaji, A., Yung, M.: Intrusion-resilient public-key encryption. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 19–32. Springer, Heidelberg (2003)
  17. [DH76]
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Transactions on Information Theory IT-22(6), 644–654 (1976)
  18. [FGMY97]
    Frankel, Y., Gemmell, P.S., MacKenzie, P.D., Yung, M.: Proactive RSA. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 440–454. Springer, Heidelberg (1997)
  19. [FMY99]
    Frankel, Y., MacKenzie, P.D., Yung, M.: Adaptively-secure optimal-resilience proactive RSA. In: Lam, K.-Y., Okamoto, E., Xing, C. (eds.) ASIACRYPT 1999. LNCS, vol. 1716, pp. 180–195. Springer, Heidelberg (1999)
  20. [Gol01]
    Goldreich, O.: Foundations of Cryptography: Basic Tools. Cambridge University Press, Cambridge (2001)
  21. [HJJ+97]
    Herzberg, A., Jakobsson, M., Jarecki, S., Krawczyk, H., Yung, M.: Proactive public key and signature systems. In: Fourth ACM Conference on Computer and Communication Security [CCS97], pp. 100–110
  22. [HJKY+95]
    Herzberg, A., Jarecki, S., Krawczyk, H., Yung, M.: Proactive secret sharing or: How to cope with perpetual leakage. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 339–352. Springer, Heidelberg (1995)
  23. [IMR05]
    Itkis, G., McNerney, R., Russell, S.: Intrusion-resilient secure channels. Cryptology ePrint Archive, Report 2005/247 (2005)
  24. [IR02]
    Itkis, G., Reyzin, L.: SiBIR: Intrusion-resilient signatures, or towards obsoletion of certificate revocation. In: Yung [Yun02]. Available from
  25. [JL00]
    Jarecki, S., Lysyanskaya, A.: Adaptively secure threshold cryptography: Introducing concurrency, removing erasures (extended abstract). In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 221–242. Springer, Heidelberg (2000)
  26. [MVV97]
    Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. The CRC Press series on discrete mathematics and its applications. CRC Press, Boca Raton (2000)
  27. [NKDM03]
    Nicolosi, A., Krohn, M., Dodis, Y., Mazieres, D.: Proactive two-party signatures for user authentication. In: Proceedings of the Symposium on Network and Distributed Systems Security (NDSS 2003) (2003)
  28. [OY91]
    Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks. In: 10th Annual ACM Symposium on Principles of Distributed Computing, pp. 51–59 (1991)
  29. [Sho99]
    Shoup, V.: On formal models for secure key exchange. Research Report RZ 3120 (#93166), IBM Research (April 1999). A revised version 4, dated November 15, 1999, is available from
  30. [Yun02]
    Yung, M. (ed.): CRYPTO 2002. LNCS, vol. 2442. Springer, Heidelberg (2002)

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Gene Itkis (1)
  • Robert McNerney Jr. (1)
  • Scott Russell (1)
  1. Computer Science Dept, Boston University, Boston, USA