Paper 2015/1156
An Identity Based Encryption Scheme Resilient to RAM Scraper Like Malware Attacks
Dipanjan Das, Priyanka Bose, S. Sree Vivek, S. Sharmila Deva Selvi, and C. Pandu Rangan
Abstract
Modern software ecosystem is data-centric. Data exfiltration due to the attacks of Memory Scraper type malwares is an emerging threat. In this paper, we set up an appropriate mathematical model capturing the threat such attacks pose to Identity-Based Cryptosystems (IBE). Following the formalism, we demonstrate an attack on popular Boneh-Franklin CCA2 secure IBE construction that compels us to relook the fact of CCA2 being the de-facto standard of security. We offer two constructions, one identity based and another public-key based (PKE) encryption schemes capable of withstanding Ram Scraper attacks. Our design assumes a hybrid system equipped with a bare minimal 'Trusted Platform Module' (TPM) that can only perform group exponentiation operation. Building systems to implement our IBE/PKE protocols should be feasible as well as efficient from practical standpoint.
Metadata
- Available format(s)
- -- withdrawn --
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- Glassbox Security ModelIdentity Based EncryptionRAM ScraperTrusted Platform ModuleHybrid SystemMalware
- Contact author(s)
- its dipanjan das @ gmail com
- History
- 2017-05-28: withdrawn
- 2015-11-30: received
- See all versions
- Short URL
- https://ia.cr/2015/1156
- License
-
CC BY