Paper 2018/727

DiSE: Distributed Symmetric-key Encryption

Shashank Agrawal, Payman Mohassel, Pratyay Mukherjee, and Peter Rindal

Abstract

Threshold cryptography provides a mechanism for protecting secret keys by sharing them among multiple parties, who then jointly perform cryptographic operations. An attacker who corrupts upto a threshold number of parties cannot recover the secrets or violate security. Prior works in this space have mostly focused on definitions and constructions for public-key cryptography and digital signatures, and thus do not capture the security concerns and efficiency challenges of symmetric-key based applications which commonly use long-term (unprotected) master keys to protect data at rest, authenticate clients on enterprise networks, and secure data and payments on IoT devices. We put forth the first formal treatment for distributed symmetric-key encryption, proposing new notions of correctness, privacy and authenticity in presence of malicious attackers. We provide strong and intuitive game-based definitions that are easy to understand and yield efficient constructions. We propose a generic construction of threshold authenticated encryption based on any distributed pseudorandom function (DPRF). When instantiated with the two different DPRF constructions proposed by Naor, Pinkas and Reingold (Eurocrypt 1999) and our enhanced versions, we obtain several efficient constructions meeting different security definitions. We implement these variants and provide extensive performance comparisons. Our most efficient instantiation uses only symmetric-key primitives and achieves a throughput of upto 1 million encryptions/decryptions per seconds, or alternatively a sub-millisecond latency with upto 18 participating parties.

Note: A minor fix.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. ACM CCS 2018
DOI
10.1145/3243734.3243774
Keywords
Threshold CryptographyAuthenticated Encryption
Contact author(s)
pratyay85 @ gmail com
History
2018-09-19: revised
2018-08-09: received
See all versions
Short URL
https://ia.cr/2018/727
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/727,
      author = {Shashank Agrawal and Payman Mohassel and Pratyay Mukherjee and Peter Rindal},
      title = {DiSE: Distributed Symmetric-key Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2018/727},
      year = {2018},
      doi = {10.1145/3243734.3243774},
      note = {\url{https://eprint.iacr.org/2018/727}},
      url = {https://eprint.iacr.org/2018/727}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.