A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
How To Construct Randolli Functions
SFCS '84 Proceedings of the 25th Annual Symposium onFoundations of Computer Science, 1984
On the importance of checking cryptographic protocols for faults
EUROCRYPT'97 Proceedings of the 16th annual international conference on Theory and application of cryptographic techniques
Read-proof hardware from protective coatings
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
On the key exposure problem in chameleon hashes
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Multi-location leakage resilient cryptography
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Hi-index | 0.00 |
Though Gennaro et al. discussed the algorithmic tamper proof (ATP) devices using the personal identification number (PIN) with less tamper-proof devices, and proposed counter units which count the number of wrong attempts in user authentication; however, as for the counter unit, they only constructed one which counts the total number of wrong attempts. Although large number for the limit of wrong attempts is required for usability, it allows an attacker to search PIN up to the limit and degrades the security. The construction of secure counter units which count the number of consecutive wrong attempts remains as an open problem. In this paper, we first formalize the ATP security of counter units, and propose two constructions of counter unit which count the number of consecutive wrong attempts. The security of each construction can be proven under the assumptions of secure signature scheme and random function. The former one is required to store two states in secure memory area (RP *** Mem) with low computation cost; and the latter one has high computation cost but is required to store only one state in RP *** Mem. This shows the trade-off between the costs of hardware and algorithm.