Abstract
We propose a key-evolving paradigm to deal with the key exposure problem of public key encryption schemes. The key evolving paradigm is like the one used for forward-secure digital signature schemes. Let time be divided into time periods such that at time period j, the decryptor holds the secret key SK j , while the public key PK is fixed during its lifetime. At time period j, a sender encrypts a message m as 〈j,c〉, which can be decrypted only with the private key SK j . When the time makes a transit from period j to j + 1, the decryptor updates its private key from SK j to SK j+1 and deletes SK j immediately. The key-evolving paradigm assures that compromise of the private key SK j does not jeopardize the message encrypted at the other time periods. We propose two key-evolving public key encryption schemes with z-resilience such that compromise of z private keys does not affect confidentiality of messages encrypted in other time periods. Assuming that the DDH problem is hard, we show one scheme semantically secure against passive adversaries and the other scheme semantically secure against the adaptive chosen ciphertext attack under the random oracle.
Research supported in part by the National Science Council grant NSC-90-2213-E-009-152 and by the Ministry of Education grant 90-E-FA04-1-4, Taiwan, ROC.
A preliminary verison appeared in the ePrint 2001/009 (February, 2001) of IACR (http://eprint.iacr.org).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Abdalla, L. Reyzin, ”A new forward-secure digital signature scheme”, Proceedings of Advances in Cryptology-Asiacrypt 2000, Lecture Notes in Computer Science 1976, pp. 116–129, Springer-Verlag, 2000.
M. Bellare, S.K. Miner, ”A forward-secure digital signature scheme”, Proceedings of Advances in Cryptology-Crypto 99, Lecture Notes in Computer Science 1666, pp. 431–448, Springer-Verlag, 1999.
M. Bellare, P. Rogaway, ”Random oracles are practical: a paradigm for designing efficient protocols”, Proceedings of the First ACM Conference on Computer and Communications Security, pp. 62–73, 1993.
R. Canetti, O. Goldreich, S. Halevi, ”The random oracle methodology revisited”, Proceedings of the 30th ACM Annual Symposium on Theory of Computing, pp. 209–218, 1998.
R. Canetti, R. Gennaro, A. Herzberg, D. Naor, ”Proactive security: long-term protection against break-ins”, CryptoBytes 3(1), 1997.
R. Cramer, V. Shoup, ”A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack”, Proceedings of Advances in Cryptology-Crypto’ 98, Lecture Notes in Computer Science 1462, pp. 13–25, Springer-Verlag, 1998.
Y. Desmedt, Y. Frankel, ”Threshold cryptosystems”, Proceedings of Advances in Cryptology-Crypto 89, Lecture Notes in Computer Science 435, pp. 307–315, Springer-Verlag, 1989.
Y. Dodis, J. Katz, S. Xu, M. Yung, ”Key-insulated public key cryptosystem”, Proceedings of Advances in Cryptology-Eurocrypt 02, Lecture Notes in Computer Science 2332, pp. 65–82, Springer-Verlag, 2002.
T. ElGamal, ”A public-key cryptosystem and a signature scheme based on discrete logarithms”, IEEE Transactions on Information Theory 31(4), pp. 469–472, 1985.
P. Feldman, ”A practical scheme for non-interactive Verifiable secret sharing”, Proceedings of the 28th IEEE Annual Symposium on the Foundations of Computer Science, pp. 427–437, 1987.
A. Herzberg, S. Jarcki, H. Krawczyk, M. Yung, ”Proactive secret sharing, or how to cope with perpetual leakage”, Proceedings of Advances in Cryptology-Crypto 95, Lecture Notes in Computer Science 963, pp. 339–352, Springer-Verlag, 1995.
I. Ingemarsson, G.J. Simmons, ”A protocol to set up shared secret schemes without the assistance of a mutualy trusted party”, Proceedings of Advances in Cryptology-Eurocrypt 90, Lecture Notes in Computer Science 473, pp. 266–282, Springer-Verlag, 1990.
C.-F. Lu, S. Shieh, ”Secure key-evolving protocols for discrete logarithm schemes”, Proceedings of CT-RSA 02, pp. 300–310, 2002.
T. Pedersen, ”A threshold cryptosystem without a trusted party”, Proceedings of Advances in Cryptology-Eurocrypt 91, Lecture Notes in Computer Science 547, pp. 522–526, Springer-Verlag, 1991.
Rackoff, D. Simon, ”Noninteractive zero-knowledge proof of knowledge and chosen ciphertext attack”, Proceedings of Advances in Cryptology-Crypto 91, Lecture Notes in Computer Science 576, pp. 433–444, Springer-Verlag, 1991.
A. Shamir, ”How to share a secret”, Communications of the ACM 22(11), pp. 612–613, 1979.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tzeng, WG., Tzeng, ZJ. (2002). Robust Key-Evolving Public Key Encryption Schemes. In: Deng, R., Bao, F., Zhou, J., Qing, S. (eds) Information and Communications Security. ICICS 2002. Lecture Notes in Computer Science, vol 2513. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36159-6_6
Download citation
DOI: https://doi.org/10.1007/3-540-36159-6_6
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00164-5
Online ISBN: 978-3-540-36159-6
eBook Packages: Springer Book Archive