Paper 2009/474

Resettable Public-Key Encryption: How to Encrypt on a Virtual Machine

Scott Yilek

Abstract

Typical security models used for proving security of deployed cryptographic primitives do not allow adversaries to rewind or reset honest parties to an earlier state. Thus, it is common to see cryptographic protocols rely on the assumption that fresh random numbers can be continually generated. In this paper, we argue that because of the growing popularity of virtual machines and, specifically, their state snapshot and revert features, the security of cryptographic protocols proven under these assumptions is called into question. We focus on public-key encryption security in a setting where resetting is possible and random numbers might be reused. We show that existing schemes and security models are insufficient in this setting. We then provide new formal security models and show that making a simple and efficient modification to any existing PKE scheme gives us security under our new models.
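The failure mode the abstract describes can be made concrete with a small simulation. The following is an added example, not code from the paper: a toy textbook ElGamal scheme in which the same randomness is consumed twice (as would happen when a virtual machine is reverted to a snapshot that captured the RNG state), next to a hedged variant whose actual coins are derived as a hash of the randomness, the public key and the message. The hedging construction and the toy parameters (a 127-bit Mersenne prime, generator 3) are this example's assumptions about the kind of modification the abstract alludes to, not a statement of the paper's own scheme.

```python
import hashlib
import secrets

# Toy ElGamal over Z_p^* with the Mersenne prime p = 2^127 - 1. These
# parameters are constructed for illustration only; they are not from the
# paper and are far too small for real use.
P = (1 << 127) - 1
G = 3
ENC_BYTES = 16  # fixed-width field encoding; every value below fits in 128 bits


def keygen():
    """Return (sk, pk) with sk in [1, p-2] and pk = g^sk mod p."""
    sk = 1 + secrets.randbelow(P - 2)
    return sk, pow(G, sk, P)


def encrypt_plain(pk, m, r):
    """Textbook ElGamal: the supplied coins r are used directly."""
    return pow(G, r, P), (m * pow(pk, r, P)) % P


def hedge_coins(pk, m, r):
    """Derive the coins actually used as H(r || pk || m) with fixed-width fields.

    Assumed hedging construction for this example (not quoted from the paper):
    a repeated r only yields repeated coins if pk and m repeat as well.
    """
    h = hashlib.sha256()
    for v in (r, pk, m):
        h.update(v.to_bytes(ENC_BYTES, "big"))
    return 1 + int.from_bytes(h.digest(), "big") % (P - 2)


def encrypt_hedged(pk, m, r):
    return encrypt_plain(pk, m, hedge_coins(pk, m, r))


def decrypt(sk, ct):
    c1, c2 = ct
    return (c2 * pow(pow(c1, sk, P), -1, P)) % P


def coins_reused(ct_a, ct_b):
    """Observable indicator of coin reuse under one key: equal first components."""
    return ct_a[0] == ct_b[0]


def demo():
    """Simulate snapshot/revert: the RNG output r is captured once, and both
    encryptions performed after the revert consume that same r."""
    sk, pk = keygen()
    m1, m2 = 0x5EED1, 0x5EED2  # constructed messages in Z_p^*
    r = secrets.randbits(128)   # randomness frozen into the snapshot

    # Plain scheme: reuse is visible to any observer, and the ratio of the
    # second components equals m1/m2, so knowing one message reveals the other.
    a, b = encrypt_plain(pk, m1, r), encrypt_plain(pk, m2, r)
    ratio = (a[1] * pow(b[1], -1, P)) % P
    plain_leak = ratio == (m1 * pow(m2, -1, P)) % P

    # Hedged scheme: same r, same pk, different messages -> unrelated coins.
    ha, hb = encrypt_hedged(pk, m1, r), encrypt_hedged(pk, m2, r)
    # Residual leakage: repeating r, pk AND m repeats the ciphertext, which
    # no scheme can avoid once the coins themselves are fixed.
    hc = encrypt_hedged(pk, m1, r)

    return {
        "plain_reuse_detected": coins_reused(a, b),
        "plain_ratio_leaked": plain_leak,
        "hedged_reuse_detected": coins_reused(ha, hb),
        "hedged_roundtrip_ok": decrypt(sk, ha) == m1 and decrypt(sk, hb) == m2,
        "hedged_same_message_repeats": ha == hc,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Running `demo()` shows the two halves of the argument: with the plain scheme a reverted snapshot makes reuse observable and leaks the relation between the two plaintexts, while the hedged variant produces unrelated ciphertexts for distinct messages under the same frozen randomness. What remains is that re-encrypting the identical message under the identical key and randomness yields the identical ciphertext, which is unavoidable once the coins are fixed and is the kind of residual leakage any model for this setting has to tolerate.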

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown where it was published
Keywords
public key encryption, virtualization, reset attacks
Contact author(s)
syilek @ cs ucsd edu
History
2009-09-26: received
Short URL
https://ia.cr/2009/474
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/474,
      author = {Scott Yilek},
      title = {Resettable Public-Key Encryption: How to Encrypt on a Virtual Machine},
      howpublished = {Cryptology ePrint Archive, Paper 2009/474},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/474}},
      url = {https://eprint.iacr.org/2009/474}
}