Paper 2005/114

Intrusion-Resilient Secure Channels

Gene Itkis and Robert McNerney Jr. and Scott W. Russell

Abstract

We propose a new secure communication primitive called an \emph{Intrusion-Resilient Channel (IRC)} that limits the damage resulting from key exposures and facilitates recovery. We define security against passive but mobile and highly adaptive adversaries capable of exposing even expired past secrets. We describe an intuitive channel construction using (as a black box) existing public key cryptosystems. The simplicity of the construction belies the technical challenges in its security proof. Additionally, we outline a general strategy for proving enhanced security for two-party protocols when an IRC is employed to secure all communication. Specifically, given a protocol proved secure against adversaries with restricted access to protocol messages, we show how the use of an IRC allows some of these adversary restrictions to be lifted. Once again, proving the efficacy of our intuitive approach turns out to be non-trivial. We demonstrate the strategy by showing that the intrusion-resilient signature scheme of [IR02] can be made secure against adversaries that expose even expired secrets.

Note: This is the full version. The extended abstract to appear in proceedings of Applied Cryptography and Network Security 2005.