Abstract
We uncover a new class of attacks that can potentially affect any cryptographic protocol. The attack is performed by an adversary that at some point has access to the physical memory of a participant, including all its previous states.
In order to protect protocols from such attacks, we introduce a cryptographic primitive that we call erasable memory. Using this primitive, it is possible to implement the essential cryptographic action of forgetting a secret. We show how to use a small erasable memory in order to transform a large non-erasable memory into a large and erasable memory. In practice, this shows how to turn any type of storage device into a storage device that can selectively forget. Moreover, the transformation can be performed using the minimal assumption of the existence of any one-way function, and can be implemented using any block cipher, in which case it is quite efficient. We conclude by suggesting some concrete implementations of small amounts of erasable memory.
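Added illustration, not code from the paper: a toy realization of the transformation the abstract describes, where a small erasable cell holding one master key turns an append-only log that never erases anything (every past state stays visible to the adversary) into a store that can selectively forget. The per-item key table layout and the SHA-256 counter-mode keystream standing in for a block cipher are assumptions of this example, not the paper's construction.

```python
import hashlib
import json
import secrets

def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """SHA-256 counter-mode keystream; stands in for the block cipher (assumption)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(key: bytes, data: bytes) -> bytes:
    nonce = secrets.token_bytes(16)            # fresh nonce for every write
    return nonce + xor_stream(key, nonce, data)

def unseal(key: bytes, blob: bytes) -> bytes:
    return xor_stream(key, blob[:16], blob[16:])

class ForgettableStore:
    def __init__(self):
        self.master = secrets.token_bytes(32)   # small erasable memory: the only cell ever overwritten
        self.history = []                        # large non-erasable memory: every write kept forever
        self.table_pos = self._append(seal(self.master, b"{}"))
    def _append(self, blob: bytes) -> int:
        self.history.append(blob)
        return len(self.history) - 1
    def _table(self) -> dict:
        return json.loads(unseal(self.master, self.history[self.table_pos]))
    def _write_table(self, table: dict) -> None:
        new_master = secrets.token_bytes(32)
        self.table_pos = self._append(seal(new_master, json.dumps(table).encode()))
        self.master = new_master                 # old master erased: all older tables now unreadable
    def store(self, name: str, data: bytes) -> None:
        key = secrets.token_bytes(32)            # one key per item, never written in the clear
        table = self._table()
        table[name] = [self._append(seal(key, data)), key.hex()]
        self._write_table(table)
    def read(self, name: str) -> bytes:
        pos, key = self._table()[name]
        return unseal(bytes.fromhex(key), self.history[pos])
    def forget(self, name: str) -> None:
        table = self._table()
        del table[name]                          # ciphertext stays in history; its key does not
        self._write_table(table)                 # re-key the remaining entries under a fresh master

def adversary_view(store: ForgettableStore) -> dict:
    """Adversary holding the current erasable cell plus every past state of the large memory."""
    # Only the current table decrypts; every past table was sealed under an overwritten master.
    return {name: store.read(name) for name in store._table()}
```

The forgotten item's ciphertext and the old key tables remain in `history`, but the keys that would open them exist nowhere any more.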
Part of Giovanni’s work done while at Bellcore
Part of this work done while visiting UCSD
Part of this work done while at UCSD
© 1999 Springer-Verlag Berlin Heidelberg
Cite this paper
Di Crescenzo, G., Ferguson, N., Impagliazzo, R., Jakobsson, M. (1999). How To Forget a Secret. In: Meinel, C., Tison, S. (eds) STACS 99. STACS 1999. Lecture Notes in Computer Science, vol 1563. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-49116-3_47
DOI: https://doi.org/10.1007/3-540-49116-3_47
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-65691-3
Online ISBN: 978-3-540-49116-3