Intrusion-resilient key exchange in the bounded retrieval model

Authors:
David Cash;Yan Zong Ding;Yevgeniy Dodis;Wenke Lee;Richard Lipton;Shabsi Walfish
Affiliations:
College of Computing, Georgia Institute of Technology;College of Computing, Georgia Institute of Technology;Department of Computer Science, New York University;College of Computing, Georgia Institute of Technology;College of Computing, Georgia Institute of Technology;Department of Computer Science, New York University
Venue:
TCC'07 Proceedings of the 4th conference on Theory of cryptography
Year:
2007

Citing 24
Cited 17

Conditionally-perfect secrecy and a provably-secure randomized cipher

Journal of Cryptology - Eurocrypt '90
Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise

CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Entity authentication and key distribution

CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
Randomness is linear in space

Journal of Computer and System Sciences
Key-Insulated Public Key Cryptosystems

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Strong Key-Insulated Signature Schemes

PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
SiBIR: Signer-Base Intrusion-Resilient Signatures

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Universally Composable Security: A New Paradigm for Cryptographic Protocols

FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
Constructing Locally Computable Extractors and Cryptosystems in the Bounded-Storage Model

Journal of Cryptology
Randomness-efficient oblivious sampling

SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
Authenticated key exchange secure against dictionary attacks

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Provably secure password-authenticated key exchange using Diffie-Hellman

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Exposure-resilient functions and all-or-nothing transforms

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
A forward-secure public-key encryption scheme

EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Forward-security in private-key cryptography

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Intrusion-resilient public-key encryption

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Protecting secret data from insider attacks

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Secure remote authentication using biometric data

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Universally composable password-based key exchange

EUROCRYPT'05 Proceedings of the 24th annual international conference on Theory and Applications of Cryptographic Techniques
Robust fuzzy extractors and authenticated key agreement from close secrets

CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
On forward-secure storage

CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Intrusion-Resilience via the bounded-storage model

TCC'06 Proceedings of the Third conference on Theory of Cryptography
Perfectly secure password protocols in the bounded retrieval model

TCC'06 Proceedings of the Third conference on Theory of Cryptography
Secret-key agreement over unauthenticated public channels .II. Privacy amplification

IEEE Transactions on Information Theory

The Long-Short-Key Primitive and Its Applications to Key Security

IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
A Leakage-Resilient Mode of Operation

EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Non-malleable extractors and symmetric key cryptography from weak secrets

Proceedings of the forty-first annual ACM symposium on Theory of computing
On cryptography with auxiliary input

Proceedings of the forty-first annual ACM symposium on Theory of computing
On seed-incompressible functions

TCC'08 Proceedings of the 5th conference on Theory of cryptography
Survey: leakage resilience and the bounded retrieval model

ICITS'09 Proceedings of the 4th international conference on Information theoretic security
A lower bound on the key length of information-theoretic forward-secure storage schemes

ICITS'09 Proceedings of the 4th international conference on Information theoretic security
Leakage-resilient storage

SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
Leakage-resilient RFID authentication with forward-privacy

RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Parallel repetition for leakage resilience amplification revisited

TCC'11 Proceedings of the 8th conference on Theory of cryptography
Achieving leakage resilience through dual system encryption

TCC'11 Proceedings of the 8th conference on Theory of cryptography
One-time computable self-erasing functions

TCC'11 Proceedings of the 8th conference on Theory of cryptography
How to leak on key updates

Proceedings of the forty-third annual ACM symposium on Theory of computing
Key-evolution schemes resilient to space-bounded leakage

CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Subspace LWE

TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Crypto galore!

The Multivariate Algorithmic Revolution and Beyond
Chosen-ciphertext attack secure public key encryption with auxiliary inputs

Security and Communication Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

We construct an intrusion-resilient symmetric-key authenticated key exchange (AKE) protocol in the bounded retrieval model. The model employs a long shared private key to cope with an active adversary who can repeatedly compromise the user's machine and perform any efficient computation on the entire shared key. However, we assume that the attacker is communication bounded and unable to retrieve too much information during each successive break-in. In contrast, the users read only a small portion of the shared key, making the model quite realistic in situations where storage is much cheaper than bandwidth. The problem was first studied by Dziembowski [Dzi06a], who constructed a secure AKE protocol using random oracles. We present a general paradigm for constructing intrusion-resilient AKE protocols in this model, and show how to instantiate it without random oracles. The main ingredients of our construction are UC-secure password authenticated key exchange and tools from the bounded storage model.