We study the problem of partial key exposure. Standard cryptographic definitions and constructions do not guarantee any security even if a tiny fraction of the secret key is compromised. We show how to build cryptographic primitives that remain secure even when an adversary is able to learn almost all of the secret key. The key to our approach is a new primitive of independent interest, which we call an Exposure-Resilient Function (ERF): a deterministic function whose output appears random (in a perfect, statistical or computational sense) even if almost all the bits of the input are known. ERFs by themselves efficiently solve the partial key exposure problem in the setting where the secret is simply a random value, as in private-key cryptography. They can also be viewed as very secure pseudorandom generators, and have many other applications. To solve the general partial key exposure problem, we use the (generalized) notion of an All-Or-Nothing Transform (AONT), an invertible (randomized) transformation T which nevertheless reveals "no information" about x even if almost all the bits of T(x) are known. By applying an AONT to the secret key of any cryptographic system, we obtain security against partial key exposure. To date, the only known security analyses of AONT candidates were made in the random oracle model. We show how to construct ERFs and AONTs with nearly optimal parameters. Our computational constructions are based on any one-way function. We also provide several applications and additional properties concerning these notions.
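A worked example of the two primitives the abstract describes, added here and not taken from the paper: a perfect ERF realised as a linear map x*M over GF(2), whose resilience is computed with the classical bit-extraction characterisation (assumed as a known result, not stated on this page), and an AONT built from it as T(x) = (r, x XOR f(r)) (a construction assumed here for illustration). The parameters are deliberately tiny (7-bit inputs) so that the "output stays uniform under leakage" claim can be verified by brute force.

```python
import itertools
import secrets

# Constructed example: a linear ERF f(x) = x*M over GF(2), M an n x l 0/1 matrix.
# Bit-extraction characterisation: f is t-resilient (output uniform even when any
# t input bits are known) iff every nonzero combination of output bits depends on
# at least t+1 input bits.

def erf_apply(M, x):
    """Evaluate f(x) = x*M over GF(2); x and the result are lists of 0/1 bits."""
    n, l = len(M), len(M[0])
    return [sum(x[i] & M[i][j] for i in range(n)) % 2 for j in range(l)]

def resilience(M):
    """Largest t such that any t leaked input bits leave f(x) perfectly uniform."""
    n, l = len(M), len(M[0])
    min_weight = n
    for c in itertools.product((0, 1), repeat=l):
        if not any(c):
            continue
        # weight of M*c: number of input bits the output combination c depends on
        w = sum(sum(M[i][j] & c[j] for j in range(l)) % 2 for i in range(n))
        min_weight = min(min_weight, w)
    return min_weight - 1

def leakage_is_useless(M, leaked_positions):
    """Brute-force check: for every value of the leaked bits, f(x) is still uniform."""
    n, l = len(M), len(M[0])
    for leaked in itertools.product((0, 1), repeat=len(leaked_positions)):
        counts = {}
        for x in itertools.product((0, 1), repeat=n):
            if all(x[p] == b for p, b in zip(leaked_positions, leaked)):
                y = tuple(erf_apply(M, list(x)))
                counts[y] = counts.get(y, 0) + 1
        if len(counts) != 2 ** l or len(set(counts.values())) != 1:
            return False
    return True

def aont_encode(M, x):
    """AONT from an ERF: T(x) = (r, x xor f(r)) with fresh random n-bit r.
    If at most resilience(M) bits of r leak, f(r) is uniform, so y hides x."""
    r = [secrets.randbelow(2) for _ in range(len(M))]
    return r, [a ^ b for a, b in zip(x, erf_apply(M, r))]

def aont_decode(M, r, y):
    """Invert T: x = y xor f(r)."""
    return [a ^ b for a, b in zip(y, erf_apply(M, r))]

# Rows of M = all nonzero 3-bit vectors (the [7,3,4] simplex code): a 3-resilient
# 7 -> 3 bit ERF.  PARITY (XOR of all 7 bits) is the 6-resilient 7 -> 1 bit ERF.
SIMPLEX = [[int(b) for b in f"{i:03b}"] for i in range(1, 8)]
PARITY = [[1] for _ in range(7)]
```

Storing (r, y) in place of a random 3-bit key x shows the abstract's point in miniature: an adversary who reads all of y and any 3 bits of r learns nothing about x, while the legitimate holder recovers x with one XOR.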