Limits on the provable consequences of one-way permutations
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Conditionally-perfect secrecy and a provably-secure randomized cipher
Journal of Cryptology - Eurocrypt '90
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Journal of the ACM (JACM)
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
Unconditional Security Against Memory-Bounded Adversaries
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
All-or-Nothing Encryption and the Package Transform
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Replication is not needed: single database, computationally-private information retrieval
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Oblivious Transfer with a Memory-Bounded Receiver
FOCS '98 Proceedings of the 39th Annual Symposium on Foundations of Computer Science
Encryption against Storage-Bounded Adversaries from On-Line Strong Extractors
Journal of Cryptology
Optimal Randomizer Efficiency in the Bounded-Storage Model
Journal of Cryptology
On the randomness complexity of efficient sampling
Proceedings of the thirty-eighth annual ACM symposium on Theory of computing
Authenticating secure tokens using slow memory access
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Single database private information retrieval implies oblivious transfer
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
On everlasting security in the hybrid bounded storage model
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Protecting secret data from insider attacks
FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security
Composition implies adaptive security in minicrypt
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Intrusion-Resilience via the bounded-storage model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Perfectly secure password protocols in the bounded retrieval model
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Everlasting security in the bounded storage model
IEEE Transactions on Information Theory
Weak Pseudorandom Functions in Minicrypt
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
How to Protect Yourself without Perfect Shredding
ICALP '08 Proceedings of the 35th international colloquium on Automata, Languages and Programming, Part II
The Long-Short-Key Primitive and Its Applications to Key Security
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
A Leakage-Resilient Mode of Operation
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
On cryptography with auxiliary input
Proceedings of the forty-first annual ACM symposium on Theory of computing
Intrusion-resilient key exchange in the bounded retrieval model
TCC'07 Proceedings of the 4th conference on Theory of cryptography
A lower bound on the key length of information-theoretic forward-secure storage schemes
ICITS'09 Proceedings of the 4th international conference on Information theoretic security
SCN'10 Proceedings of the 7th international conference on Security and cryptography for networks
On the Compressibility of $\mathcal{NP}$ Instances and Cryptographic Applications
SIAM Journal on Computing
One-time computable self-erasing functions
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Leftover Hash Lemma, revisited
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Key-evolution schemes resilient to space-bounded leakage
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
TCC'10 Proceedings of the 7th international conference on Theory of Cryptography
Practical leakage-resilient pseudorandom objects with minimum public randomness
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
| Hi-index | 0.00 |
We study a problem of secure data storage in a recently introduced Limited Communication Model. We propose a new cryptographic primitive that we call a Forward-Secure Storage (FSS). This primitive is a special kind of an encryption scheme, which produces huge (5 GB, say) ciphertexts, even from small plaintexts, and has the following non-standard security property. Suppose an adversary gets access to a ciphertext C = E(K,M) and he is allowed to compute any function h of C, with the restriction that |h(C)| ≪|C| (say: |h(C)| = 1 GB). We require that h(C) should give the adversary no information about M, even if he later learns K. A practical application of this concept is as follows. Suppose a ciphertext C is stored on a machine on which an adversary can install a virus. In many cases it is completely infeasible for the virus to retrieve 1 GB of data from the infected machine. So if the adversary (at some point later) learns K, then M remains secret. We provide a formal definition of the FSS, propose some FSS schemes, and show that FSS can be composed sequentially in a secure way. We also show connections of the FSS to the theory of compressibility of NP-instances (recently developed by Harnik and Naor).