We formalize the trusted agent model which assumes tamper-proof hardware in a way which captures the notion of programmable secure hardware. This model defines a functionality relative to which deniability requires provers to use a tamper proof hardware. Otherwise, any asymmetric situation in which the malicious verifiers have more powerful tamper-proof devices than the honest ones makes deniability impossible.
We conclude by observing that the ability to put boundaries in computing devices prevents from providing full control on how private information spreads: the concept of sealing a device is in some sense incompatible with some privacy notions.Category / Keywords: foundations / tamper-proof resistance, setup assumptions Publication Info: Presented as a poster at EUROCRYPT'09. Follow up publication at CHES'09. Date: received 16 Jun 2009, last revised 16 Jun 2009 Contact author: serge vaudenay at epfl ch Available formats: PDF | BibTeX Citation Version: 20090616:201725 (All versions of this report) Discussion forum: Show discussion | Start new discussion