Seminar: October 8, 2:30pm
Yevgeniy Dodis, New York University
Cryptography Against Continuous Memory Attacks
Note non-standard day and time!
We say that a cryptographic scheme is Continuous Leakage-Resilient
(CLR), if it allows users to refresh their secret keys, using only
fresh local randomness, such that:
-- The scheme remains functional after any number of key refreshes,
although the public key never changes. Thus, the "outside world" is
neither affected by these key refreshes, nor needs to know about their
frequency.
-- The scheme remains secure even if the adversary can continuously
leak arbitrary information about the current secret-key of the system,
as long as the amount of leaked information is bounded in between any
two successive key refreshes. There is no bound on the total amount of
information that can be leaked during the lifetime of the system.
In this work, we construct a variety of practical CLR schemes,
including CLR one-way relations, CLR signatures, CLR identification
schemes, and CLR authenticated key agreement protocols. For each of
the above, we give general constructions, and then show how to
instantiate them efficiently using a well established assumption on
bilinear groups, called the K-Linear assumption.
Joint work with Kristiyan Haralambiev and Adriana Lopez-Alt and Daniel Wichs.
The extended abstract of the paper will appear at FOCS'10 and can be
found at http://eprint.iacr.org/2010/196