Paper 2008/190

User-Sure-and-Safe Key Retrieval

Daniel R. L. Brown

Abstract

In a key retrieval scheme, a human user interacts with a client computer to retrieve a key. A scheme is user-sure if any adversary without access to the the user cannot distinguish the retrieved key from a random key. A scheme is user-safe if any adversary without access to the client's keys, or simultaneous user and client access, cannot exploit the user to distinguish the retrieved key from a random key. A multiple-round key retrieval scheme, where the user is given informative prompts to which the user responds, is proved to be user-sure and user-safe. Remote key retrieval involves a keyless client and a remote, keyed server. User-sure and user-safe are defined similarly for remote key retrieval. The scheme is user-anonymous if the server cannot identify the user. A remote version of the multiple-round key retrieval scheme is proved to be user-sure, user-safe and user-anonymous.

Metadata
Available format(s)
PS
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
user security
Contact author(s)
dbrown @ certicom com
History
2008-04-29: received
Short URL
https://ia.cr/2008/190
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2008/190,
      author = {Daniel R.  L.  Brown},
      title = {User-Sure-and-Safe Key Retrieval},
      howpublished = {Cryptology {ePrint} Archive, Paper 2008/190},
      year = {2008},
      url = {https://eprint.iacr.org/2008/190}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.