Adaptively secure multi-party computation
STOC '96 Proceedings of the twenty-eighth annual ACM symposium on Theory of computing
Security technologies for the World Wide Web
Security technologies for the World Wide Web
Secure messaging: with PGP and S/MIME
Secure messaging: with PGP and S/MIME
Demystifying the Ipsec Puzzle
Handbook of Applied Cryptography
Handbook of Applied Cryptography
CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalytic Attacks on Pseudorandom Number Generators
FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Incoercible multiparty computation
FOCS '96 Proceedings of the 37th Annual Symposium on Foundations of Computer Science
Hi-index | 0.00 |
For decades cryptography strived for its goals by packing complexity into the exposed program, all the while pressing down the size of the secret key. Alas, modern technology (1) makes small keys a secondary requirement, (2) allows for layering of program logic, and (3) offers privacy and security offenders clever eavesdropping tools; altogether warranting a re-examination of the relative roles of the "passive" key and the "active" algorithm. We describe a working system where the nominal key is merged with some JavaScript code to become the "effective key," thereby conferring upon the JavaScript interpreter (standard part in modern browsers), the role of the exposed cryptographic algorithm. We show that such Key-Script offers equivocation, (deniability), and we provide a secure key-distribution scheme that is not based on one-way functions, rather on the attribute of equivocation. We examine this new setting, and argue that it formally defeats cryptanalysis, where in practice such robustness is somewhat qualified.