Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A Pseudorandom Generator from any One-way Function
SIAM Journal on Computing
Resettable zero-knowledge (extended abstract)
STOC '00 Proceedings of the thirty-second annual ACM symposium on Theory of computing
Soundness in the Public-Key Model
CRYPTO '01 Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology
Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Identification Protocols Secure against Reset Attacks
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
A Practice-Oriented Treatment of Pseudorandom Number Generators
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Resettably-Sound Zero-Knowledge and its Applications
FOCS '01 Proceedings of the 42nd IEEE symposium on Foundations of Computer Science
When Virtual Is Better Than Real
HOTOS '01 Proceedings of the Eighth Workshop on Hot Topics in Operating Systems
A Safety-Oriented Platform for Web Applications
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Stateful public-key cryptosystems: how to encrypt with one 160-bit exponentiation
Proceedings of the 13th ACM conference on Computer and communications security
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
Hedged Public-Key Encryption: How to Protect against Bad Randomness
ASIACRYPT '09 Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Deterministic and efficiently searchable encryption
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
A provable-security treatment of the key-wrap problem
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
The security of triple encryption and a framework for code-based game-playing proofs
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
IEEE Transactions on Information Theory
Implementing cryptographic primitives in the symbolic model
NFM'11 Proceedings of the Third international conference on NASA Formal methods
Identification schemes from key encapsulation mechanisms
AFRICACRYPT'11 Proceedings of the 4th international conference on Progress in cryptology in Africa
Authenticated key exchange under bad randomness
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
| Hi-index | 0.00 |
Typical security models used for proving security of deployed cryptographic primitives do not allow adversaries to rewind or reset honest parties to an earlier state. Thus, it is common to see cryptographic protocols rely on the assumption that fresh random numbers can be continually generated. In this paper, we argue that because of the growing popularity of virtual machines and, specifically, their state snapshot and revert features, the security of cryptographic protocols proven under these assumptions is called into question. We focus on public-key encryption security in a setting where resetting is possible and random numbers might be reused. We show that existing schemes and security models are insufficient in this setting. We then provide new formal security models and show that making a simple and efficient modification to any existing PKE scheme gives us security under our new models.