Abstract
This paper provides a comprehensive treatment of forward-security in the context of shared-key based cryptographic primitives, as a practical means to mitigate the damage caused by key exposure. We provide definitions of security, practical proven-secure constructions, and applications for the main primitives in this area. We identify forward-secure pseudorandom bit generators as the central primitive, providing several constructions and then showing how forward-secure message authentication schemes and symmetric encryption schemes can be built based on standard schemes for these problems coupled with forward-secure pseudorandom bit generators. We then apply forward-secure message authentication schemes to the problem of maintaining secure access logs in the presence of break-ins.
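The abstract's composition of a forward-secure pseudorandom generator with a standard MAC, applied to the access-log setting, as an added example that is not the paper's own code; it assumes HMAC-SHA256 as the underlying PRF and MAC, one generator step per log entry, and an offline verifier that holds the initial state.

```python
import hmac
import hashlib

# Added example, not the paper's construction. The forward-secure PRG is modelled
# as a PRF (HMAC-SHA256, an assumption) keyed by the current state: each step
# yields one output key and the next state, and the old state is erased, so a
# break-in reveals nothing about keys already used. Entries are MACed per period.

def fsprg_next(state: bytes):
    """One step of the forward-secure PRG: state_i -> (key_i, state_{i+1})."""
    key = hmac.new(state, b"key", hashlib.sha256).digest()
    next_state = hmac.new(state, b"next", hashlib.sha256).digest()
    return key, next_state

def mac_entry(key: bytes, period: int, message: bytes) -> bytes:
    # The period is bound into the MAC so entries cannot be reordered.
    return hmac.new(key, period.to_bytes(4, "big") + message, hashlib.sha256).digest()

class ForwardSecureLog:
    """Logger that holds only the current PRG state; past keys are unrecoverable."""
    def __init__(self, state: bytes, period: int = 0):
        self._state = state
        self.period = period
        self.entries = []          # (period, message, tag)
    def append(self, message: bytes):
        key, self._state = fsprg_next(self._state)   # old state is overwritten
        self.entries.append((self.period, message, mac_entry(key, self.period, message)))
        self.period += 1
    def state(self) -> bytes:
        return self._state         # what a break-in at this moment exposes

def verify_log(initial_state: bytes, entries) -> bool:
    """Offline verifier regenerates every key from the initial state kept off-host."""
    state = initial_state
    for expected, (period, message, tag) in enumerate(entries):
        key, state = fsprg_next(state)
        if period != expected or not hmac.compare_digest(tag, mac_entry(key, period, message)):
            return False
    return True

def attempt_rewrite_after_breakin(stolen_state: bytes, entries, index: int, new_message: bytes):
    """Attacker model: re-MAC an earlier entry with the first key derivable from the
    stolen state. Returns the modified log; verification of it should fail."""
    key, _ = fsprg_next(stolen_state)
    period = entries[index][0]
    forged = list(entries)
    forged[index] = (period, new_message, mac_entry(key, period, new_message))
    return forged
```

Deleting trailing entries is not detected by this verifier, which needs independent knowledge of the expected entry count; entries written after the break-in remain forgeable, since forward-security protects only the past.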
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bellare, M., Yee, B. (2003). Forward-Security in Private-Key Cryptography. In: Joye, M. (eds) Topics in Cryptology — CT-RSA 2003. CT-RSA 2003. Lecture Notes in Computer Science, vol 2612. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36563-X_1
DOI: https://doi.org/10.1007/3-540-36563-X_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00847-7
Online ISBN: 978-3-540-36563-1