Cryptology ePrint Archive: Report 2009/474

Resettable Public-Key Encryption: How to Encrypt on a Virtual Machine

Scott Yilek

Abstract: Typical security models used for proving security of deployed cryptographic primitives do not allow adversaries to rewind or reset honest parties to an earlier state. Thus, it is common to see cryptographic protocols rely on the assumption that fresh random numbers can be continually generated. In this paper, we argue that because of the growing popularity of virtual machines and, specifically, their state snapshot and revert features, the security of cryptographic protocols proven under these assumptions is called into question. We focus on public-key encryption security in a setting where resetting is possible and random numbers might be reused. We show that existing schemes and security models are insufficient in this setting. We then provide new formal security models and show that making a simple and efficient modification to any existing PKE scheme gives us security under our new models.

Category / Keywords: public key encryption, virtualization, reset attacks

Date: received 24 Sep 2009, last revised 24 Sep 2009

Contact author: syilek at cs ucsd edu

Available format(s): PDF | BibTeX Citation

Version: 20090926:044558 (All versions of this report)

Short URL: ia.cr/2009/474

Discussion forum: Show discussion | Start new discussion