Abstract
Exposure of secret keys seems to be inevitable, and may in practice represent the most likely point of failure in a cryptographic system. Recently, the notion of intrusion-resilience [17] (which extends both the notions of forward security [3], [5] and key insulation [11]) was proposed as a means of mitigating the harmful effects that key exposure can have. In this model, time is divided into distinct periods; the public key remains fixed throughout the lifetime of the protocol but the secret key is periodically updated. Secret information is stored by both a user and a base; the user performs all cryptographic operations during a given time period, while the base helps the user periodically update his key. Intrusion-resilient schemes remain secure in the face of multiple compromises of both the user and the base, as long as they are not both compromised simultaneously. Furthermore, in case the user and base are compromised simultaneously, prior time periods remain secure (as in forward-secure schemes). Intrusion-resilient signature schemes have been previously constructed [17], [15]. Here, we give the first construction of an intrusion-resilient publickey encryption scheme, based on the recently-constructed forwardsecure encryption scheme of [8]. We also consider generic transformations for securing intrusion-resilient encryption schemes against chosenciphertext attacks.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Abdalla, S. Miner, and C. Namprempre. Forward-Secure Threshold Signature Schemes. RSA 2001.
M. Abdalla and L. Reyzin. A New Forward-Secure Digital Signature Scheme. Asiacrypt 2000. 21
R. Anderson. Two Remarks on Public-Key Cryptology. Invited lecture, CCCS’ 97. Available at http://www.cl.cam.ac.uk/users/rja14/. 19, 20
M. Bellare, A Desai, E. Jokipii, and P. Rogaway. A Concrete Security Treatment of Symmetric Encryption. FOCS’ 97. 24
M. Bellare and S. Miner. A Forward-Secure Digital Signature Scheme. Crypto’ 99. 19, 20, 21
M. Bellare and A. Palacio. Protecting against Key Exposure: Strongly Key-Insulated Encryption with Optimal Threshold. Available at http://eprint.iacr.org. 21
D. Boneh and M. Franklin. Identity-Based Encryption from the Weil Pairing. Crypto 2001. Full version to appear in SIAM J. Computing and available at http://eprint.iacr.org/2001/090/. 21, 25
R. Canetti, S. Halevi, and J. Katz. A Forward-Secure Public-Key Encryption Scheme. Preliminary version available at http://eprint.iacr.org/2002/060/. 19, 21, 22, 25, 26, 29, 30, 31
A. De Santis, Y. Desmedt, Y. Frankel, and M. Yung. How to Share a Function Securely. STOC’ 94. 20
Y. Desmedt and Y. Frankel. Threshold Cryptosystems. Crypto’ 89. 20
Y. Dodis, J. Katz, S. Xu, and M. Yung. Key-Insulated Public-Key Cryptosystems. Eurocrypt 2002. 19, 20, 21
Y. Dodis, J. Katz, S. Xu, and M. Yung. Strong Key-Insulated Signature Schemes. PKC 2003. 20, 21
E. Fujisaki and T. Okamoto. Secure Integration of Asymmetric and Symmetric Encryption Schemes. Crypto’ 99. 22, 31
C. Gentry and A. Silverberg. Hierarchical ID-Based Cryptography. Asiacrypt 2002. 25, 30, 31
G. Itkis. Intrusion-Resilient Signatures: Generic Constructions, or Defeating a Strong Adversary with Minimal Assumptions. SCN 2002. 19, 21
G. Itkis and L. Reyzin. Forward-Secure Signatures with Optimal Signing and Verifying. Crypto 2001. 21
G. Itkis and L. Reyzin. SiBIR: Signer-Base Intrusion-Resilient Signatures. Crypto 2002. 19, 21, 22
A. Joux. The Weil and Tate Pairing as Building Blocks for Public-Key Cryptosystems. ANTS 2002. 25
A. Joux and K. Nguyen. Separating Decision Diffie-Hellman from Diffie-Hellman in Cryptographic Groups. Manuscript, Jan. 2001. Available at http://eprint.iacr.org. 25
H. Krawczyk. Simple Forward-Secure Signatures From any Signature Scheme. CCCS 2000. 21
T. Malkin, D. Micciancio, and S. Miner. Efficient Generic Forward-Secure Signatures with an Unbounded Number of Time Periods. Eurocrypt 2002. 21
T. Okamoto and D. Pointcheval. REACT: Rapid Enhanced-Security Asymmetric Cryptosystem Transform. CT-RSA 2001. 22, 31
R. Ostrovsky and M. Yung. How to Withstand Mobile Virus Attacks. PODC’ 91. 21, 22
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dodis, Y., Franklin, M., Katz, J., Miyaji, A., Yung, M. (2003). Intrusion-Resilient Public-Key Encryption. In: Joye, M. (eds) Topics in Cryptology — CT-RSA 2003. CT-RSA 2003. Lecture Notes in Computer Science, vol 2612. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36563-X_2
Download citation
DOI: https://doi.org/10.1007/3-540-36563-X_2
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00847-7
Online ISBN: 978-3-540-36563-1
eBook Packages: Springer Book Archive