Abstract
Alwen, Dodis and Wichs first formulated security notions for identification (ID) schemes that remain secure under key-leakage attacks, which are called leakage-resilient ID schemes. The notions they considered are, however, the so-called active security, where the adversary is only allowed to interact with the prover before the impersonation attempt. Recently there has been a strong emphasis on stronger attacks, such as man-in-the-middle (MIM) attacks, so a natural question is whether the results on leakage-resilient ID schemes can be extended to man-in-the-middle security. In addition, we consider the setting where the adversary may perform leakage attacks on the entire state of the honest prover during the lifetime of the system, which is called full leakage attacks. This type of leakage attack is clearly stronger and more meaningful than key-leakage attacks.
In summary, we study the design of ID schemes that are resilient to MIM attacks and full leakage attacks at the same time: while attempting to impersonate a prover, the adversary can interact with an honest prover and obtain arbitrary bounded leakage on the entire state of that honest prover during the lifetime of the system. Informally speaking, an ID scheme secure against this type of attack is said to be fully leakage-resilient non-malleable.
To obtain fully leakage-resilient non-malleable ID schemes, we propose two variants of the so-called Knowledge-of-Exponent Assumption (\({\mathsf {KEA}}\)) over bilinear groups, called the tag-based Knowledge-of-Exponent Assumption (\({\mathsf {TagKEA}}\)) and the selective-tag-based Knowledge-of-Exponent Assumption (\({\mathsf {Selective}}\)-\({\mathsf {TagKEA}}\)). To support confidence in these two assumptions, we show that \({\mathsf {KEA}}\) implies \({\mathsf {TagKEA}}\) and is equivalent to \({\mathsf {Selective}}\text {-}{\mathsf {TagKEA}}\).
This research is supported by the National Natural Science Foundation of China (Grant No. 61003276) and the Strategy Pilot Project of Chinese Academy of Sciences (Grant No. Y2W0012203).
References
Anada, H., Arita, S.: Identification schemes of proofs of ability secure against concurrent man-in-the-middle attacks. In: Heng, S.-H., Kurosawa, K. (eds.) ProvSec 2010. LNCS, vol. 6402, pp. 18–34. Springer, Heidelberg (2010)
Anada, H., Arita, S.: Identification schemes from key encapsulation mechanisms. In: Nitaj, A., Pointcheval, D. (eds.) AFRICACRYPT 2011. LNCS, vol. 6737, pp. 59–76. Springer, Heidelberg (2011)
Anada, H.: A study on efficient identification schemes secure against concurrent man-in-the-middle attacks. Doctoral dissertation, Institute of Information Security (2012)
Alwen, J., Dodis, Y., Wichs, D.: Leakage-resilient public-key cryptography in the bounded-retrieval model. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 36–54. Springer, Heidelberg (2009)
Alwen, J., Dodis, Y., Wichs, D.: Survey: leakage resilience and the bounded retrieval model. In: Kurosawa, K. (ed.) Information Theoretic Security. LNCS, vol. 5973, pp. 1–18. Springer, Heidelberg (2010)
Abe, M., Fehr, S.: Perfect NIZK with adaptive soundness. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 118–136. Springer, Heidelberg (2007)
Bellare, M., Fischlin, M., Goldwasser, S., Micali, S.: Identification protocols secure against reset attacks. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 495–511. Springer, Heidelberg (2001)
Bellare, M., Palacio, A.: GQ and Schnorr identification schemes: proofs of security against impersonation under active and concurrent attacks. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 162–177. Springer, Heidelberg (2002)
Bellare, M., Palacio, A.: The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 273–289. Springer, Heidelberg (2004)
Boyle, E., Segev, G., Wichs, D.: Fully leakage-resilient signatures. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 89–108. Springer, Heidelberg (2011)
Damgård, I.B.: Towards practical public key systems secure against chosen ciphertext attacks. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 445–456. Springer, Heidelberg (1992)
Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Cryptography against continuous memory attacks. In: FOCS, pp. 511–520 (2010)
Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D.: Efficient public-key cryptography in the presence of key leakage. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 613–631. Springer, Heidelberg (2010)
Gennaro, R.: Multi-trapdoor commitments and their applications to proofs of knowledge secure under concurrent man-in-the-middle attacks. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 220–236. Springer, Heidelberg (2004)
Garg, S., Jain, A., Sahai, A.: Leakage-resilient zero knowledge. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 297–315. Springer, Heidelberg (2011)
Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321–340. Springer, Heidelberg (2010)
Gupta, D., Sahai, A.: On constant-round concurrent zero-knowledge from a knowledge assumption. Cryptology ePrint Archive, Report 2012/572 (2012)
Hada, S., Tanaka, T.: On the existence of 3-round zero-knowledge protocols. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 408–423. Springer, Heidelberg (1998)
Katz, J.: Efficient cryptographic protocols preventing "Man-in-the-Middle" attacks. Doctor of Philosophy Dissertation, Columbia University, USA (2002)
Katz, J.: Efficient and non-malleable proofs of plaintext knowledge and applications. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 211–228. Springer, Heidelberg (2003)
Kiltz, E.: Chosen-ciphertext security from tag-based encryption. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 581–600. Springer, Heidelberg (2006)
Kawachi, A., Tanaka, K., Xagawa, K.: Concurrently secure identification schemes based on the worst-case hardness of lattice problems. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 372–389. Springer, Heidelberg (2008)
MacKenzie, P.D., Reiter, M.K., Yang, K.: Alternatives to non-malleability: definitions, constructions, and applications. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 171–190. Springer, Heidelberg (2004)
Nielsen, J.B., Venturi, D., Zottarel, A.: Leakage-resilient signatures with graceful degradation. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 362–379. Springer, Heidelberg (2014)
© 2015 Springer International Publishing Switzerland
Zhang, T., Li, H. (2015). Fully Leakage-Resilient Non-malleable Identification Schemes in the Bounded-Retrieval Model. In: Tanaka, K., Suga, Y. (eds) Advances in Information and Computer Security. IWSEC 2015. Lecture Notes in Computer Science(), vol 9241. Springer, Cham. https://doi.org/10.1007/978-3-319-22425-1_10
DOI: https://doi.org/10.1007/978-3-319-22425-1_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-22424-4
Online ISBN: 978-3-319-22425-1