G22.3033-013 Exposure-resilient Cryptography 2 Proactive Security
نویسنده
چکیده
Today, we will conclude our discussion of threshold schemes, describing some results from Dodis & Katz (2005). We define proactive security and share refreshing, giving examples for discrete-log based cryptosystems. We describe generic threshhold signature and encryption schemes. We explore Multiple-CCA (MCCA) security and failure of sequential or parallel encryption to acheive it. We give one scheme using one-time signatures. We describe the hierarchy of MCCA notions: wMCCA, MCCA, sCCA and describe a technique using CRHFs to achieve sMCCA security with short shares. We conclude with an application to threshold encryption.
منابع مشابه
G22.3033-013 Exposure-resilient Cryptography
We continue our discussion of Verifiable Secret Sharing, giving two instantiations of the general schema from the last lecture. First, using Commit(x) = g: Feldman VSS, which leaks nothing but g and is perfect binding. Second, using Perdersen’s commitment Commit(x; r) = gh: Pedersen VSS. Next, we turn to the problem of adaptive security. We describe an adaptively secure Feldman VSS using trapdo...
متن کاملExposure-Resilience for Free: The Hierarchical ID-based Encryption Case
In the problem of gradual key exposure [7] (which is very closely related to the problem of proactive security [27]), the secret key is assumed to be slowly compromised over time, so that more and more information about a secret key is eventually leaked. This models the general situation in the real world where memory, storage systems and devices cannot perfectly hide all information for long t...
متن کاملA new security proof for FMNV continuous non-malleable encoding scheme
A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...
متن کاملExposure-resilient cryptography
We develop the notion of Exposure-Resilient Cryptography. While standard cryptographic definitions and constructions do not guarantee any security even if a tiny fraction of the secret entity (e.g., cryptographic key) is compromised, the objective of Exposure-Resilient Cryptography is to build information structures such that almost complete (intentional or unintentional) exposure of such a str...
متن کاملExposure-Resilient Functions and All-or-Nothing Transforms
We study the problem of partial key exposure. Standard cryptographic definitions and constructions do not guarantee any security even if a tiny fraction of the secret key is compromised. We show how to build cryptographic primitives that remain secure even when an adversary is able to learn almost all of the secret key. The key to our approach is a new primitive of independent interest, which w...
متن کامل