Paper 2015/1156

An Identity Based Encryption Scheme Resilient to RAM Scraper Like Malware Attacks

Dipanjan Das, Priyanka Bose, S. Sree Vivek, S. Sharmila Deva Selvi, and C. Pandu Rangan


Modern software ecosystem is data-centric. Data exfiltration due to the attacks of Memory Scraper type malwares is an emerging threat. In this paper, we set up an appropriate mathematical model capturing the threat such attacks pose to Identity-Based Cryptosystems (IBE). Following the formalism, we demonstrate an attack on popular Boneh-Franklin CCA2 secure IBE construction that compels us to relook the fact of CCA2 being the de-facto standard of security. We offer two constructions, one identity based and another public-key based (PKE) encryption schemes capable of withstanding Ram Scraper attacks. Our design assumes a hybrid system equipped with a bare minimal 'Trusted Platform Module' (TPM) that can only perform group exponentiation operation. Building systems to implement our IBE/PKE protocols should be feasible as well as efficient from practical standpoint.

Available format(s)
-- withdrawn --
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Glassbox Security ModelIdentity Based EncryptionRAM ScraperTrusted Platform ModuleHybrid SystemMalware
Contact author(s)
its dipanjan das @ gmail com
2017-05-28: withdrawn
2015-11-30: received
See all versions
Short URL
Creative Commons Attribution
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.