Cryptology ePrint Archive: Report 2020/1001

Robust distributed symmetric-key encryption

Xunhua Wang and Ben Huson

Abstract: In distributed symmetric-key encryption (DiSE), a set of n distributed servers share a key (or key set) and any t, t <= n, servers can collectively use the shared key (or key set) in a DiSE transaction to encrypt a message or decrypt a ciphertext without reconstructing the shared key (or key set). Each participating server contributes one or more partial results and one participating server called the initiator combines all partial results into a final result. An adversary who has compromised up to (t-1) servers will not be able to access the shared key (or key set).

Due to the distributed nature of DiSE, a DiSE server that has been compromised by an adversary may return wrong partial results to the initiator. Worse, multiple DiSE servers compromised by the same adversary may collude to send back wrong partial results. In this article we developed a robust DiSE that allows an honest initiator to detect wrong partial results by an adversary. The robustness of our DiSE is built through redundant computation. Our robust DiSE can detect wrong partial results by an adversary who has compromised up to min(t-1, n-t) servers. Next, the honest-initiator assumption is removed by rotating the initiator role among active servers across multiple DiSE transactions. A scalable, industry-level implementation for the robust DiSE has been developed and two cases, (t=3, n=5) and (t=16, n=24), have been tested to show the feasibility of robust DiSE. Our robust DiSE can be used to build intrusion-tolerant applications, such as intrusion-tolerant database encryption.

Category / Keywords: secret-key cryptography / Intrusion tolerance, robust computing, distributed symmetric-key encryption (DiSE), robust DiSE, threshold cryptography, distributed pseudo-random function

Date: received 18 Aug 2020

Contact author: wangxx at jmu edu

Available format(s): PDF | BibTeX Citation

Version: 20200818:172905 (All versions of this report)

Short URL: ia.cr/2020/1001


[ Cryptology ePrint archive ]