Intrusion-resilient public-key encryption

Yevgeniy Dodis, Matt Franklin, Jonathan Katz, Atsuko Miyaji, Moti Yung

Research output: Contribution to journalArticle

Abstract

Exposure of secret keys seems to be inevitable, and may in practice represent the most likely point of failure in a cryptographic system. Recently, the notion of intrusion-resilience [17] (which extends both the notions of forward security [3, 5] and key insulation [11]) was proposed as a means of mitigating the harmful effects that key exposure can have. In this model, time is divided into distinct periods; the public key remains fixed throughout the lifetime of the protocol but the secret key is periodically updated. Secret information is stored by both a user and a base; the user performs all cryptographic operations during a given time period, while the base helps the user periodically update his key. Intrusion-resilient schemes remain secure in the face of multiple compromises of both the user and the base, as long as they are not both compromised simultaneously. Furthermore, in case the user and base are compromised simultaneously, prior time periods remain secure (as in forward-secure schemes). Intrusion-resilient signature schemes have been previously constructed [17,15]. Here, we give the first construction of an intrusion-resilient public-key encryption scheme, based on the recently-constructed forward-secure encryption scheme of [8]. We also consider generic transformations for securing intrusion-resilient encryption schemes against chosen-ciphertext attacks.

Original languageEnglish (US)
Pages (from-to)19-32
Number of pages14
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2612
StatePublished - 2003

Fingerprint

Public Key Encryption
Cryptography
Encryption
Forward Security
Insulation
Resilience
Public key
Signature Scheme
Lifetime
Update
Likely
Attack
Distinct

ASJC Scopus subject areas

  • Computer Science(all)
  • Biochemistry, Genetics and Molecular Biology(all)
  • Theoretical Computer Science

Cite this

Intrusion-resilient public-key encryption. / Dodis, Yevgeniy; Franklin, Matt; Katz, Jonathan; Miyaji, Atsuko; Yung, Moti.

In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 2612, 2003, p. 19-32.

Research output: Contribution to journalArticle

@article{86ca085d68e44668b43f5b80558acca2,
title = "Intrusion-resilient public-key encryption",
abstract = "Exposure of secret keys seems to be inevitable, and may in practice represent the most likely point of failure in a cryptographic system. Recently, the notion of intrusion-resilience [17] (which extends both the notions of forward security [3, 5] and key insulation [11]) was proposed as a means of mitigating the harmful effects that key exposure can have. In this model, time is divided into distinct periods; the public key remains fixed throughout the lifetime of the protocol but the secret key is periodically updated. Secret information is stored by both a user and a base; the user performs all cryptographic operations during a given time period, while the base helps the user periodically update his key. Intrusion-resilient schemes remain secure in the face of multiple compromises of both the user and the base, as long as they are not both compromised simultaneously. Furthermore, in case the user and base are compromised simultaneously, prior time periods remain secure (as in forward-secure schemes). Intrusion-resilient signature schemes have been previously constructed [17,15]. Here, we give the first construction of an intrusion-resilient public-key encryption scheme, based on the recently-constructed forward-secure encryption scheme of [8]. We also consider generic transformations for securing intrusion-resilient encryption schemes against chosen-ciphertext attacks.",
author = "Yevgeniy Dodis and Matt Franklin and Jonathan Katz and Atsuko Miyaji and Moti Yung",
year = "2003",
language = "English (US)",
volume = "2612",
pages = "19--32",
journal = "Lecture Notes in Computer Science",
issn = "0302-9743",
publisher = "Springer Verlag",

}

TY - JOUR

T1 - Intrusion-resilient public-key encryption

AU - Dodis, Yevgeniy

AU - Franklin, Matt

AU - Katz, Jonathan

AU - Miyaji, Atsuko

AU - Yung, Moti

PY - 2003

Y1 - 2003

N2 - Exposure of secret keys seems to be inevitable, and may in practice represent the most likely point of failure in a cryptographic system. Recently, the notion of intrusion-resilience [17] (which extends both the notions of forward security [3, 5] and key insulation [11]) was proposed as a means of mitigating the harmful effects that key exposure can have. In this model, time is divided into distinct periods; the public key remains fixed throughout the lifetime of the protocol but the secret key is periodically updated. Secret information is stored by both a user and a base; the user performs all cryptographic operations during a given time period, while the base helps the user periodically update his key. Intrusion-resilient schemes remain secure in the face of multiple compromises of both the user and the base, as long as they are not both compromised simultaneously. Furthermore, in case the user and base are compromised simultaneously, prior time periods remain secure (as in forward-secure schemes). Intrusion-resilient signature schemes have been previously constructed [17,15]. Here, we give the first construction of an intrusion-resilient public-key encryption scheme, based on the recently-constructed forward-secure encryption scheme of [8]. We also consider generic transformations for securing intrusion-resilient encryption schemes against chosen-ciphertext attacks.

AB - Exposure of secret keys seems to be inevitable, and may in practice represent the most likely point of failure in a cryptographic system. Recently, the notion of intrusion-resilience [17] (which extends both the notions of forward security [3, 5] and key insulation [11]) was proposed as a means of mitigating the harmful effects that key exposure can have. In this model, time is divided into distinct periods; the public key remains fixed throughout the lifetime of the protocol but the secret key is periodically updated. Secret information is stored by both a user and a base; the user performs all cryptographic operations during a given time period, while the base helps the user periodically update his key. Intrusion-resilient schemes remain secure in the face of multiple compromises of both the user and the base, as long as they are not both compromised simultaneously. Furthermore, in case the user and base are compromised simultaneously, prior time periods remain secure (as in forward-secure schemes). Intrusion-resilient signature schemes have been previously constructed [17,15]. Here, we give the first construction of an intrusion-resilient public-key encryption scheme, based on the recently-constructed forward-secure encryption scheme of [8]. We also consider generic transformations for securing intrusion-resilient encryption schemes against chosen-ciphertext attacks.

UR - http://www.scopus.com/inward/record.url?scp=35248884707&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=35248884707&partnerID=8YFLogxK

M3 - Article

VL - 2612

SP - 19

EP - 32

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

SN - 0302-9743

ER -