How to forget a secret

Authors:
Giovanni Di Crescenzo;Niels Ferguson;Russell Impagliazzo;Markus Jakobsson
Affiliations:
Computer Science Department, University of Califonia San Diego, La Jolla, CA;Counterpane Systems;Computer Science Department, University of Califonia San Diego, La Jolla, CA;Information Sciences Research Center, Bell Labs, Murray Hill, NJ
Venue:
STACS'99 Proceedings of the 16th annual conference on Theoretical aspects of computer science
Year:
1999

Citing 14
Cited 29

How to construct random functions

Journal of the ACM (JACM)
How to construct pseudorandom permutations from pseudorandom functions

SIAM Journal on Computing - Special issue on cryptography
How to withstand mobile virus attacks (extended abstract)

PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Authentication and authenticated key exchanges

Designs, Codes and Cryptography
Software protection and simulation on oblivious RAMs

Journal of the ACM (JACM)
Private information storage (extended abstract)

STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
Proactive public key and signature systems

Proceedings of the 4th ACM conference on Computer and communications security
A Pseudorandom Generator from any One-way Function

SIAM Journal on Computing
The Security of Cipher Block Chaining

CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
Proactive Secret Sharing Or: How to Cope With Perpetual Leakage

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Proactive RSA

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Security Amplification by Composition: The Case of Doubly-Iterated, Ideal Ciphers

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Secure coprocessors in electronic commerce applications

WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
A revocable backup system

SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6

Dynamic Group Diffie-Hellman Key Exchange under Standard Assumptions

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Remembrance of Data Passed: A Study of Disk Sanitization Practices

IEEE Security and Privacy
On the performance, feasibility, and use of forward-secure signatures

Proceedings of the 10th ACM conference on Computer and communications security
Off-the-record communication, or, why not to use PGP

Proceedings of the 2004 ACM workshop on Privacy in the electronic society
Protecting applications with transient authentication

Proceedings of the 1st international conference on Mobile systems, applications and services
Improved topology assumptions for threshold cryptography in mobile ad hoc networks

Proceedings of the 3rd ACM workshop on Security of ad hoc and sensor networks
Security of erasable memories against adaptive adversaries

Proceedings of the 2005 ACM workshop on Storage security and survivability
Building regulatory compliant storage systems

dg.o '06 Proceedings of the 2006 international conference on Digital government research
Mobile Device Security Using Transient Authentication

IEEE Transactions on Mobile Computing
Secure deletion for a versioning file system

FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
Scrash: a system for generating secure crash information

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Provably secure authenticated group Diffie-Hellman key exchange

ACM Transactions on Information and System Security (TISSEC)
Implementing Trusted Terminals with a and SITDRM

Electronic Notes in Theoretical Computer Science (ENTCS)
Securing group key exchange against strong corruptions

Proceedings of the 2008 ACM symposium on Information, computer and communications security
How to Protect Yourself without Perfect Shredding

ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
Securing group key exchange against strong corruptions and key registration attacks

International Journal of Applied Cryptography
Fully Robust Tree-Diffie-Hellman Group Key Exchange

CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Server-side detection of malware infection

NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
Adaptively secure threshold cryptography: introducing concurrency, removing erasures

EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Rethinking chosen-ciphertext security under Kerckhoffs'assumption

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Provably secure public-key encryption for length-preserving chaumian mixes

CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Fully automated and hidden system for wiping sensitive data

ECC'10 Proceedings of the 4th conference on European computing conference
Data wiping system with fully automated, hidden and remote destruction capabilities

WSEAS Transactions on Computers
Protecting secret data from insider attacks

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
A protocol for secure public instant messaging

FC'06 Proceedings of the 10th international conference on Financial Cryptography and Data Security
One big file is not enough: a critical evaluation of the dominant free-space sanitization technique

PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
The persistence of memory: Forensic identification and extraction of cryptographic keys

Digital Investigation: The International Journal of Digital Forensics & Incident Response
Policy-based secure deletion

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Secure data deletion from persistent media

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

We uncover a new class of attacks that can potentially affect any cryptographic protocol. The attack is performed by an adversary that at some point has access to the physical memory of a participant, including all its previous states. In order to protect protocols from such attacks, we introduce a cryptographic primitive that we call erasable memory. Using this primitive, it is possible to implement the essential cryptographic action of forgetting a secret. We show how to use a small erasable memory in order to transform a large non-erasable memory into a large and erasable memory. In practice, this shows how to turn any type of storage device into a storage device that can selectively forget. Moreover, the transformation can be performed using the minimal assumption of the existence of any one-way function, and can be implemented using any block cipher, in which case it is quite efficient. We conclude by suggesting some concrete implementations of small amounts of erasable memory.