CT-ISG: On Imperfect Randomness and Exposure-Resilient Cryptography

CT-ISG：关于不完美随机性和暴露弹性密码学

• 批准号: 0831299
• 负责人: Yevgeniy Dodis
• 金额: $ 30万
• 依托单位: New York University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2008
• 资助国家: 美国
• 起止时间: 2008-09-01 至 2012-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0831299&HistoricalAwards=false
• 关键词: CT; ISG; Imperfect; Randomness; Exposure

Randomization has proved to be a vital part in building essentially any kind of secure cryptographic system: secret keys should be randomly generated and most cryptographic primitives, such as encryption, must be probabilistic. As a common abstraction, it is typically assumed that ideal randomness is available to all the participants of the system. In many situations, this assumption is highly unrealistic, and cryptographic systems have to be built based on *imperfect* sources of randomness.Intellectual Merits of the Project: The research will address the question as to what extent cryptographic protocols can be adapted to work with imperfect sources of randomness. In particular, it will concentrate on the feasibility of cryptography imperfect sources of randomness and exposure-resilient cryptography. For the first topic, the PI will address the question if nearly ideal randomness is *necessary* for building various cryptographic primitives, such as encryption and authentication, or, perhaps, one can base such applications on more realistic imperfect sources. For the second topic, in many settings the adversary can gain partial knowledge of some secret information (e.g., a cryptographic key). The exact nature of this knowledge is often unknown, except that it is ``bounded''. Therefore, even if the secret was originally random, it looks like an imperfect random source to the adversary, given his partial knowledge about the secret. The PI will design novel protocols which are resilient to such leakage of partial information in the recently proposed Bounded Retrieval Model.Broader Impacts of the Project: The availability of ideal randomness is a common assumption used not only in cryptography, but in many other areas of computer science, and engineering in general. Questioning the validity of this assumption and designing techniques to base a given system on weaker, more *realistic* assumptions will surely be useful in many other disciplines. Additionally, given the increasing spread of viruses, Internet worms and Trojan horses, the use of exposure-resilient protocols will result in more stable and secure application environments. Furthermore, because the research in this project will use tools from information theory and pseudorandomness to solve cryptographic questions, it will help find new connections among these fields.The PI also regularly teaches courses on cryptography and network security, and will be able to incorporate the new results into such courses. In addition, the project has a significant graduate student training component.

随机化已被证明是构建任何类型的安全加密系统的重要组成部分：密钥应该随机生成，大多数加密原语（如加密）必须是概率性的。作为一种常见的抽象，通常假设理想随机性对系统的所有参与者都是可用的。在许多情况下，这种假设是非常不现实的，加密系统必须建立在不完美的随机性来源上。该项目的知识价值：该研究将解决加密协议在多大程度上可以适应不完美的随机性来源的问题。特别地，它将集中于密码学的可行性，不完善的随机性来源和暴露弹性密码学。对于第一个主题，PI将解决以下问题：对于构建各种加密原语（如加密和身份验证），近乎理想的随机性是否“必要”？或者，也许可以将此类应用程序建立在更现实的不完美源上。对于第二个主题，在许多情况下，攻击者可以获得一些秘密信息的部分知识（例如，加密密钥）。这种知识的确切性质通常是未知的，除了它是“有限的”。因此，即使这个秘密最初是随机的，对于对手来说，考虑到他对这个秘密的部分了解，它看起来也像一个不完美的随机来源。PI将在最近提出的有界检索模型中设计新的协议，以适应这种部分信息泄漏。项目的广泛影响：理想随机性的可用性是一个常见的假设，不仅用于密码学，而且用于计算机科学和一般工程的许多其他领域。质疑这一假设的有效性，并基于更弱、更“现实”的假设来设计给定系统的技术，肯定会在许多其他学科中有用。此外，鉴于病毒、互联网蠕虫和特洛伊木马的日益传播，使用抗暴露协议将带来更稳定、更安全的应用程序环境。此外，由于本项目的研究将使用信息论和伪随机的工具来解决密码学问题，它将有助于在这些领域之间找到新的联系。PI还定期教授密码学和网络安全课程，并将能够将新的结果纳入此类课程。此外，该项目有一个重要的研究生培训组成部分。