CAREER: Strengthening Cryptography by Reducing Assumptions about the Adversary

职业：通过减少对手的假设来加强密码学

• 批准号: 0347839
• 负责人: Tal Malkin
• 金额: $ 40万
• 依托单位: Columbia University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2004
• 资助国家: 美国
• 起止时间: 2004-02-15 至 2011-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0347839&HistoricalAwards=false
• 关键词: CAREER; Strengthening; Cryptography; Reducing; Assumptions

Cryptographic security models are defined in terms of the capabilities of the adversary, including computational limitations and what access he is allowed to the system. The security of protocols is then proven with respect to such adversaries, in a well-defined, rigorous and quantifiable way (typically relying on some computational hardness assumption). However, traditional models are often not adequate, especially in light of the widespread use of cryptography today. Since we cannot predict everything the adversary can do a priori, it is important to reduce the assumptions about the adversary's (in)capabilities as much as possible. Here, we propose to expand the traditional cryptographic foundations so as to withstand attacks by stronger, more realistic adversaries. In particular, we challenge the classical assumption that the adversary has no access whatsoever to the legitimate parties' secret keys. We will study the strongest existing models, design new models, develop protocols, and explore the limits of what is possible to achieve, for the following types of attacks: Chosen ciphertext attack: can we achieve CCA security from any scheme satisfying only standard semantic security? What are the relations among the different notions of security for public key encryption? Tampering attacks: can we achieve security for various cryptographic applications when the adversary can tamper with the secret key, e.g. through fault attacks? Key exposure attacks: can we achieve security when the adversary can obtain the secret key? how to design and instantiate key evolving schemeswith optimal security and efficiency to limit damage caused by key exposure? We will seek both positive and negative results in the above areas, in order to better understand the relevant implications and requirements, and to obtain optimal solutions.

密码安全模型是根据对手的能力来定义的，包括计算限制和允许他访问系统的权限。 然后，协议的安全性被证明相对于这样的对手，在一个定义良好的，严格的和可量化的方式（通常依赖于一些计算硬度假设）。 然而，传统的模型往往是不够的，特别是考虑到当今密码学的广泛使用。由于我们无法事先预测对手的一切能力，因此尽可能减少对对手能力的假设是很重要的。在这里，我们建议扩展传统的加密基础，以抵御更强大，更现实的对手的攻击。特别是，我们挑战的经典假设，对手没有访问任何合法方的秘密密钥。 我们将研究最强的现有模型，设计新的模型，开发协议，并探讨什么是可能实现的限制，为以下类型的攻击：选择密文攻击：我们可以实现CCA安全从任何计划只满足标准的语义安全？公钥加密的不同安全概念之间有什么关系？篡改攻击：当对手可以篡改密钥时，例如通过故障攻击，我们能否实现各种加密应用的安全性？ 密钥暴露攻击：当对手可以获得密钥时，我们能否实现安全？如何设计和实例化具有最佳安全性和效率的密钥演化方案，以限制密钥暴露所造成的损害？我们将在上述领域寻求积极和消极的结果，以便更好地了解有关影响和要求，并寻求最佳解决办法。