Forward Secure Non-Interactive Key Exchange
- 1k Downloads
Exposure of secret keys is a major concern when cryptographic protocols are implemented on weakly secure devices. Forward security is thus a way to mitigate damages when such an event occurs. In a forward-secure scheme, the public key is indeed fixed while the secret key is updated with a one-way process at regular time periods so that security of the scheme is ensured for any period prior to the exposure, since previous secret keys cannot be recovered from the corrupted one. Efficient constructions have been proposed for digital signatures or public-key encryption schemes, but none for non-interactive key exchange protocols, while the non-interactivity makes them quite vulnerable since the public information cannot evolve from an execution to another one.
In this paper we present a forward-secure non-interactive key exchange scheme with sub-linear complexity in the number of time periods. Our protocol is described using generic leveled multilinear maps, but we show that it is compatible with the recently introduced candidates for such maps. We also discuss various security models for this primitive and prove that our scheme fulfills them, under standard assumptions.
Keywordsforward security non-interactive key exchange multilinear map
Unable to display preview. Download preview PDF.
- [And97]Anderson, R.: Two remarks on public key cryptology (1997)Google Scholar
- [BSSW06]Boyen, X., Shacham, H., Shen, E., Waters, B.: Forward-secure signatures with untrusted update. In: Juels, A., Wright, R.N., De Capitani di Vimercati, S (eds.) ACM CCS 2006: 13th Conference on Computer and Communications Security, pp. 191–200. ACM Press (October/November 2006)Google Scholar
- [KR00]Krawczyk, H., Rabin, T.: Chameleon signatures. In: ISOC Network and Distributed System Security Symposium – NDSS, The Internet Society (February 2000)Google Scholar
- [SOK00]Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairing over elliptic curve. In: Symposium on Cryptography and Information Security (2000)Google Scholar