Abstract
We introduce a new method of achieving intrusion-resilience in cryptographic protocols. More precisely, we show how to preserve the security of such protocols even if a malicious program (e.g. a virus) was installed on the computer of an honest user (and was later removed). The security of our protocols relies on the assumption that the amount of data the adversary can transfer out of the infected machine is limited (we do, however, allow the adversary to perform any efficient computation on the user's private data before deciding what to transfer). We focus on two cryptographic tasks, namely session-key generation and entity authentication. Our method is based on results from the Bounded-Storage Model.
This is an extended version of a report [Dzi05] that appeared on the eprint archive.
The original version of this chapter was revised: the copyright line was incorrect and has been corrected. The erratum to this chapter is available at DOI: 10.1007/978-3-540-32732-5_32
References
Aumann, Y., Ding, Y.Z., Rabin, M.O.: Everlasting security in the bounded storage model. IEEE Transactions on Information Theory 48(6), 1668–1680 (2002)
Anderson, R.: Two remarks on public key cryptology. Technical report, University of Cambridge, Computer Laboratory (2002)
Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM Conference on Computer and Communications Security, pp. 62–73 (1993)
Cachin, C.: Entropy Measures and Unconditional Security in Cryptography. PhD thesis, ETH Zurich (1997); Reprint as vol. 1 of ETH Series in Information Security and Cryptography, ISBN 3-89649-185-7, Hartung-Gorre Verlag, Konstanz (1997)
Cachin, C., Crepeau, C., Marcil, J.: Oblivious transfer with a memory-bounded receiver. In: 39th Annual Symposium on Foundations of Computer Science, pp. 493–502 (1998)
Cash, D., Ding, Y.Z., Dodis, Y., Lee, W., Lipton, R., Walfish, S.: Intrusion-resilient authentication and key agreement in the limited communication model (manuscript, 2005)
Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. In: Advances in Cryptology - EUROCRYPT 2003, International Conference on the Theory and Applications of Cryptographic Techniques, Warsaw, Poland, May 4-8, vol. 2656, pp. 255–271 (2003)
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)
Cachin, C., Maurer, U.: Unconditional security against memory-bounded adversaries. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 292–306. Springer, Heidelberg (1997)
Dodis, Y., Franklin, M.K., Katz, J., Miyaji, A., Yung, M.: Intrusion-resilient public-key encryption. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 19–32. Springer, Heidelberg (2003)
Dodis, Y., Franklin, M.K., Katz, J., Miyaji, A., Yung, M.: A Generic Construction for Intrusion-Resilient Public-Key Encryption. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 81–98. Springer, Heidelberg (2004)
Ding, Y.Z., Harnik, D., Rosen, A., Shaltiel, R.: Constant-round oblivious transfer in the bounded storage model. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 446–472. Springer, Heidelberg (2004)
Ding, Y.Z.: Oblivious Transfer in the Bounded Storage Model. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 155–170. Springer, Heidelberg (2001)
Ding, Y.Z.: Error correction in the bounded storage model. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 578–599. Springer, Heidelberg (2005)
Dagon, D., Lee, W., Lipton, R.J.: Protecting secret data from insider attacks. In: Patrick, A.S., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 16–30. Springer, Heidelberg (2005)
Dziembowski, S., Maurer, U.: On Generating the Initial Key in the Bounded-Storage Model. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 126–137. Springer, Heidelberg (2004)
Dziembowski, S., Maurer, U.: Optimal randomizer efficiency in the bounded-storage model. Journal of Cryptology 17(1), 5–26 (January 2004)
Dodis, Y.: Exposure-Resilient Cryptography. PhD thesis, Massachusetts Institute of Technology (August 2000)
Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Designs, Codes and Cryptography 2(2), 107–125 (1992)
Dziembowski, S.: Intrusion-resilience via the bounded-storage model. Cryptology ePrint Archive, Report 2005/179 (2005), http://eprint.iacr.org/
Goldwasser, S., Micali, S.: Probabilistic encryption. Journal of Computer and System Sciences 28(2), 270–299 (1984)
Goldreich, O.: Foundations of Cryptography: Basic Applications, vol. 2. Cambridge University Press, New York, NY, USA (2004)
Itkis, G., Reyzin, L.: SiBIR: Signer-Base Intrusion-Resilient Signatures. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 499–514. Springer, Heidelberg (2002)
Krawczyk, H.: A versatile secure key-exchange mechanism for the internet. In: Proceedings of the 1996 Symposium on Network and Distributed System Security (SNDSS 1996), pp. 114–127. IEEE Computer Society, Los Alamitos (1996)
Kelsey, J., Schneier, B.: Authenticating secure tokens using slow memory access. In: USENIX Workshop on Smart Card Technology, pp. 101–106. USENIX Press (1999)
Kelsey, J., Schneier, B., Wagner, D., Hall, C.: Side channel cryptanalysis of product ciphers. Journal of Computer Security 8(2/3) (2000)
Lu, C.-J.: Encryption against storage-bounded adversaries from on-line strong extractors. Journal of Cryptology 17(1), 27–42 (January 2004)
Maurer, U.: Conditionally-perfect secrecy and a provably-secure randomized cipher. Journal of Cryptology 5(1), 53–66 (1992)
Moran, T., Shaltiel, R., Ta-Shma, A.: Non-interactive timestamping in the bounded storage model. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 460–476. Springer, Heidelberg (2004)
Nisan, N., Zuckerman, D.: Randomness is linear in space. Journal of Computer and System Sciences 52(1), 43–52 (1996)
Vadhan, S.P.: Constructing locally computable extractors and cryptosystems in the bounded-storage model. Journal of Cryptology 17(1), 43–77 (January 2004)
© 2006 Springer-Verlag Berlin Heidelberg
Dziembowski, S. (2006). Intrusion-Resilience Via the Bounded-Storage Model. In: Halevi, S., Rabin, T. (eds) Theory of Cryptography. TCC 2006. Lecture Notes in Computer Science, vol 3876. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11681878_11
DOI: https://doi.org/10.1007/11681878_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-32731-8
Online ISBN: 978-3-540-32732-5