
Theoretical Foundations for Mobile Target Defense: Proactive Secret Sharing and Secure Multiparty Computation


Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11170)

Abstract

One option to instantiate Mobile Target Defense (MTD) [27] strategies in distributed storage and computing systems is to design such systems from the ground up using cryptographic techniques such as secret sharing (SS) and secure multiparty computation (MPC). In standard SS a dealer shares a secret s among n parties such that an adversary corrupting no more than t parties does not learn s, while any \(t+1\) parties can efficiently recover s. MPC protocols based on secret sharing allow one to perform computations on such secret-shared data without reconstructing the data at a central location. MPC thus enables a set of mutually distrusting parties to perform computation on their secret-shared data while guaranteeing secrecy of their inputs and outputs, and correctness of the computation, as long as no more than t parties are corrupted. Over a long period of time all parties may be corrupted and the threshold t may be violated; this is accounted for in proactively secure protocols such as Proactive Secret Sharing (PSS) and Proactive MPC (PMPC). Proactive security is an example of a cryptographically grounded and theoretically well-studied approach to realizing MTD. PSS retains confidentiality even when a mobile adversary corrupts all parties over the lifetime of the secret, as long as it corrupts no more than a threshold t during a certain window of time, called the refresh period. As an example of a proactively secure protocol that realizes an MTD strategy, we give an overview of the first PSS scheme secure in the presence of a dishonest majority (developed recently in [15]). The PSS scheme is robust and secure against \(t<n-2\) passive adversaries when there are no active corruptions, and secure but non-robust (but with identifiable aborts) against \(t<n/2-1\) active adversaries when there are no additional passive corruptions. The scheme is also secure (with identifiable aborts) against mixed adversaries controlling a combination of passively and actively corrupted parties such that if there are k active corruptions there are fewer than \(n-k-2\) total corruptions.
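The following Python block is an added illustration and is not code from the chapter or from the scheme in [15]. It shows the two mechanisms the abstract relies on: a standard (t, n) Shamir sharing over a prime field, where any t+1 shares reconstruct s and t shares are independent of s, and a proactive refresh in which each share is re-randomized by adding a share of zero. After a refresh the secret is unchanged, but shares leaked before the refresh cannot be combined with shares leaked after it, which is exactly the property that lets PSS tolerate corruption of every party over time as long as at most t are corrupted within one refresh period. The field prime `P`, the party count and the single trusted zero-sharing used in `refresh` are assumptions chosen for the demonstration; a real PSS protocol has every party contribute and verify its own zero-sharing.

```python
"""Shamir secret sharing with a proactive refresh step (added example)."""
import secrets

# Assumption for the example: any prime larger than the secret works.
P = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... at x, modulo P (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def share(secret, t, n, rng=secrets.randbelow):
    """Split secret into n shares; any t+1 reconstruct it, any t reveal nothing.

    The secret is the constant term of a random degree-t polynomial and party i
    receives the evaluation at x = i. Returns a list of (index, value) pairs.
    """
    coeffs = [secret % P] + [rng(P) for _ in range(t)]
    return [(i, _eval_poly(coeffs, i)) for i in range(1, n + 1)]


def reconstruct(shares):
    """Lagrange interpolation at x = 0 over the supplied (index, value) pairs.

    With t+1 consistent shares this returns the secret; with fewer, or with shares
    from different polynomials, it returns an unrelated field element.
    """
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * (-xj)) % P
                den = (den * (xi - xj)) % P
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret


def refresh(shares, t, rng=secrets.randbelow):
    """Proactive refresh: add to every share a share of zero on a fresh polynomial.

    Assumption: a single zero-sharing is generated here for all parties; in a real
    PSS protocol each party contributes its own zero-sharing and the others verify
    it (the note on Feldman's VSS [19] refers to one way of doing that). The sum
    still encodes the original secret because the zero-sharing's constant term is 0,
    but the underlying polynomial is new, so pre-refresh shares are now useless.
    """
    n = len(shares)
    zero_shares = dict(share(0, t, n, rng))
    return [(i, (v + zero_shares[i]) % P) for i, v in shares]


def refresh_isolates_old_shares(secret, t, n):
    """Return True if t old shares plus one new share fail to reconstruct.

    This is the mobile-adversary scenario from the abstract: t parties corrupted
    before the refresh and one more after it, which exceeds t in total but not
    within any single refresh period.
    """
    old = share(secret, t, n)
    new = refresh(old, t)
    mixed = old[:t] + [new[t]]          # t+1 shares, but from two polynomials
    return reconstruct(mixed) != secret % P and reconstruct(new[:t + 1]) == secret % P


if __name__ == "__main__":
    s = 123456789
    sh = share(s, 2, 5)                 # t = 2, n = 5: any 3 of 5 reconstruct
    print("3 shares:", reconstruct(sh[:3]) == s)
    print("2 shares:", reconstruct(sh[:2]) == s)
    print("refresh isolates old shares:", refresh_isolates_old_shares(s, 2, 5))
```

Every comparison against the secret in this block is exact; the only probabilistic statement is that a wrong combination of shares "almost never" happens to interpolate to s, which fails with probability about 1/P.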


Notes

  1. In the full version we generalize the protocols to handle multiple secrets to increase communication and storage efficiency, and provide an instantiation using commitments based on hardness of discrete logarithms using Feldman’s VSS [19].

References

  1. Backes, M., Cachin, C., Strobl, R.: Proactive secure message transmission in asynchronous networks. In: Proceedings of the Twenty-Second ACM Symposium on Principles of Distributed Computing. PODC 2003, 13–16 July 2003, Boston, Massachusetts, USA, pp. 223–232 (2003). https://doi.org/10.1145/872035.872069

  2. Baron, J., ElDefrawy, K., Lampkins, J., Ostrovsky, R.: How to withstand mobile virus attacks, revisited. In: Proceedings of the 2014 ACM Symposium on Principles of Distributed Computing. PODC 2014, pp. 293–302. ACM, New York (2014). https://doi.org/10.1145/2611462.2611474

  3. Baron, J., Defrawy, K.E., Lampkins, J., Ostrovsky, R.: Communication-optimal proactive secret sharing for dynamic groups. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 23–41. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-28166-7_2

  4. Beerliová-Trubíniová, Z., Hirt, M.: Perfectly-secure MPC with linear communication complexity. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 213–230. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78524-8_13

  5. Ben-Sasson, E., Fehr, S., Ostrovsky, R.: Near-linear unconditionally-secure multiparty computation with a dishonest minority. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 663–680. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_39

  6. Blakley, G.R.: Safeguarding cryptographic keys. In: Proceedings of AFIPS National Computer Conference, vol. 48, pp. 313–317 (1979)

  7. Cachin, C., Kursawe, K., Lysyanskaya, A., Strobl, R.: Asynchronous verifiable secret sharing and proactive cryptosystems. In: ACM Conference on Computer and Communications Security, pp. 88–97 (2002)

  8. Canetti, R., Herzberg, A.: Maintaining security in the presence of transient faults. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 425–438. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-48658-5_38

  9. Castro, M., Liskov, B.: Practical byzantine fault tolerance and proactive recovery. ACM Trans. Comput. Syst. 20(4), 398–461 (2002)

  10. Chaum, D., Crépeau, C., Damgard, I.: Multiparty unconditionally secure protocols. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing. STOC 1988, pp. 11–19. ACM, New York (1988). https://doi.org/10.1145/62212.62214

  11. Damgård, I., Ishai, Y., Krøigaard, M.: Perfectly secure multiparty computation and the computational overhead of cryptography. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 445–465. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_23

  12. Damgård, I., Ishai, Y., Krøigaard, M., Nielsen, J.B., Smith, A.: Scalable multiparty computation with nearly optimal work and resilience. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 241–261. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_14

  13. Desmedt, Y., Jajodia, S.: Redistributing secret shares to new access structures and its applications. Technical report ISSE TR-97-01, George Mason University, Fairfax, VA, July 1997 (1997)

  14. Dolev, S., Garay, J., Gilboa, N., Kolesnikov, V.: Swarming secrets. In: 2009 47th Annual Allerton Conference on Communication, Control, and Computing. Allerton 2009, pp. 1438–1445, September 2009

  15. Dolev, S., ElDefrawy, K., Lampkins, J., Ostrovsky, R., Yung, M.: Proactive secret sharing with a dishonest majority. In: Zikas, V., De Prisco, R. (eds.) SCN 2016. LNCS, vol. 9841, pp. 529–548. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44618-9_28

  16. Dolev, S., Garay, J.A., Gilboa, N., Kolesnikov, V.: Secret sharing Krohn-Rhodes: private and perennial distributed computation. In: Proceedings of Innovations in Computer Science - ICS 2010, 7–9 January 2011, Tsinghua University, Beijing, China, pp. 32–44 (2011). http://conference.itcs.tsinghua.edu.cn/ICS2011/content/papers/18.html

  17. Dolev, S., Garay, J.A., Gilboa, N., Kolesnikov, V., Yuditsky, Y.: Towards efficient private distributed computation on unbounded input streams. J. Math. Cryptol. 9(2), 79–94 (2015). https://doi.org/10.1515/jmc-2013-0039

  18. Eldefrawy, K., Ostrovsky, R., Park, S., Yung, M.: Proactive secure multiparty computation with a dishonest majority. In: Catalano, D., De Prisco, R. (eds.) SCN 2018. LNCS, vol. 11035, pp. 200–215. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98113-0_11

  19. Feldman, P.: A practical scheme for non-interactive verifiable secret sharing. In: Proceedings of the 28th Annual Symposium on Foundations of Computer Science. SFCS 1987, pp. 427–438, IEEE Computer Society, Washington, DC (1987). https://doi.org/10.1109/SFCS.1987.4

  20. Frankel, Y., Gemmell, P., MacKenzie, P.D., Yung, M.: Proactive RSA. In: Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology. CRYPTO 1997, pp. 440–454. Springer, London (1997). http://dl.acm.org/citation.cfm?id=646762.706164

  21. Frankel, Y., Yung, M.: Cryptosystems robust against “dynamic faults” meet enterprise needs for organizational “change control”. In: Franklin, M. (ed.) FC 1999. LNCS, vol. 1648, pp. 241–252. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48390-X_18

  22. Franklin, M.K., Yung, M.: Communication complexity of secure computation (extended abstract). In: STOC, pp. 699–710 (1992)

  23. Federal Trade Commission FTC: The Equifax data breach (2017). https://www.ftc.gov/equifax-data-breach. Accessed 27 Apr 2018

  24. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game. In: Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing. STOC 1987, pp. 218–229. ACM, New York (1987). https://doi.org/10.1145/28395.28420

  25. Herzberg, A., Jarecki, S., Krawczyk, H., Yung, M.: Proactive secret sharing or: how to cope with perpetual leakage. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 339–352. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-44750-4_27

  26. Hirt, M., Maurer, U., Lucas, C.: A dynamic tradeoff between active and passive corruptions in secure multi-party computation. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 203–219. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_12

  27. Jajodia, S., Ghosh, A.K., Swarup, V., Wang, C., Wang, X.S.: Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, 1st edn. Springer, New York (2011). https://doi.org/10.1007/978-1-4614-0977-9

  28. LATimes: Anthem is warning consumers about its huge data breach. Here’s a translation (2016). http://www.latimes.com/business/hiltzik/la-fi-mh-anthem-is-warning-consumers-20150306-column.html. Accessed 27 Apr 2018

  29. Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks (extended abstract). In: PODC, pp. 51–59 (1991)

  30. Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: Proceedings of the Twenty-First Annual ACM Symposium on Theory of Computing. STOC 1989, pp. 73–85. ACM, New York (1989). https://doi.org/10.1145/73007.73014

  31. Schultz, D.: Mobile proactive secret sharing. Ph.D. thesis, Massachusetts Institute of Technology (2007)

  32. Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)

  33. Wong, T.M., Wang, C., Wing, J.M.: Verifiable secret redistribution for archive system. In: IEEE Security in Storage Workshop, pp. 94–106 (2002)

  34. Zhou, L., Schneider, F.B., van Renesse, R.: APSS: proactive secret sharing in asynchronous systems. ACM Trans. Inf. Syst. Secur. 8(3), 259–286 (2005)


Author information

Corresponding author: Karim Eldefrawy.


Copyright information

© 2018 Springer Nature Switzerland AG


Cite this chapter

Eldefrawy, K., Ostrovsky, R., Yung, M. (2018). Theoretical Foundations for Mobile Target Defense: Proactive Secret Sharing and Secure Multiparty Computation. In: Samarati, P., Ray, I., Ray, I. (eds) From Database to Cyber Security. Lecture Notes in Computer Science, vol. 11170. Springer, Cham. https://doi.org/10.1007/978-3-030-04834-1_23


  • DOI: https://doi.org/10.1007/978-3-030-04834-1_23


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-04833-4

  • Online ISBN: 978-3-030-04834-1

  • eBook Packages: Computer Science (R0)
