CAREER: Exposure-Resilient Cryptography

职业：暴露弹性密码学

• 批准号: 0133806
• 负责人: Yevgeniy Dodis
• 金额: $ 33万
• 依托单位: New York University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2002
• 资助国家: 美国
• 起止时间: 2002-01-01 至 2008-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0133806&HistoricalAwards=false
• 关键词: CAREER; Exposure; Resilient; Cryptography

Abstract:Exposure-Resilient Cryptography concerns the important problem of keyexposure and general information leakage. Exposure of suchinformation poses one of the most serious and common threats toemploying cryptography in real life. For example, cryptographiccomputations (decryption, signature generation, etc.) are oftenperformed on a relatively insecure device (e.g., a mobile device or anInternet-connected host) which cannot be trusted to maintain secrecyof the private key. Thus, the goal of Exposure-Resilient Cryptographyis to design solutions that will limit (or even completely eliminate)the negative consequences of such an exposure in various cryptographicscenarios. In particular, this research concentrates on the design ofvarious key evolving schemes and the problem of partial key exposure.The paradigm of secret key evolution over time invloves updating one'ssecret key such that key leakage at given period(s) compromises thesecurity of other periods to the minimal extent possible. Theinvestigators examine two such models. Forward-secure schemes updatesecret key locally, and seek to protect the security of all the pastperiods when the current key is exposed. In contrast,bidirectionally-secure schemes use secure key updates, but protectall non-exposed periods: both in the past and in the future. Ineither model, the public information (e.g., public keys) are notaffected by the secret key evolution. The problem of partial keyexposure concerns the scenario where most but not all secretinformation has been leaked. The main question studied in this settingis how can valuable secret information be stored or represented insuch a way that almost complete exposure of its representation stillguarantees the secrecy of the actual, embedded secret?

翻译后摘要：暴露弹性密码关注的重要问题，密钥暴露和一般信息泄漏。 这些信息的暴露对在真实的生活中使用密码学构成了最严重和最常见的威胁之一。例如，密码计算（解密、签名生成等）通常在相对不安全的设备上执行（例如，移动终端或因特网连接的主机），其不能被信任来维护私钥的安全性。因此，抗暴露密码学的目标是设计解决方案，以限制（甚至完全消除）在各种密码学场景中这种暴露的负面后果。特别地，本研究集中在各种密钥演化方案的设计和部分密钥暴露问题上，密钥随时间演化的范式涉及更新一个人的密钥，使得在给定的时间段内的密钥泄漏对其他时间段的安全性的损害最小化。调查人员研究了两个这样的模型。前向安全方案在本地更新密钥，并在当前密钥暴露时保护所有过去时间段的安全性。相比之下，双向安全方案使用安全密钥更新，但保护所有未暴露的时期：无论是在过去还是在未来。 在这两种模式中，公共信息（例如，公钥）不受秘密密钥演变的影响。部分密钥暴露的问题涉及的情况下，大多数但不是所有的secretinformation已被泄露。在这个settingis研究的主要问题是如何有价值的秘密信息被存储或表示在这样一种方式，几乎完全暴露其表示仍然保证了实际的，嵌入的秘密的秘密？