Nov 10: Exposure-Resilient Cryptography (survey)
Yevgeniy Dodis, New York Univ.
Much successful research has focused on developing cryptographic protocols and
algorithms which are secure (in some appropriate and well-defined sense) under
the assumption that "secret" information is kept hidden from the adversary.
However, as cryptographic algorithms are increasingly deployed on inexpensive,
lightweight, mobile, and/or unprotected devices, the risk of *key exposure* is
becoming a serious threat to the security of many real-world systems. Indeed,
in practice, attacks of this sort are in many cases more likely than attacks
which directly "crack" the cryptographic assumptions on which the security of
the scheme is based. And while at first glance it might appear that not much
can be done to prevent or mitigate the damage caused by key exposure, the study
of *exposure-resilient cryptography* has led to a variety of diverse and
effective approaches for combating key exposure.
In this talk, I will survey several recent methodologies in the field of
exposure-resilient cryptography in which I was involved. These methodologies
include
(1) remotely-keyed cryptography
(2) two-party schemes (i.e., client-server model)
(3) key evolution (including forward-secure, key-insulated and
    intrusion-resilient cryptography)
(4) partial key exposure protection (incl. secret sharing)
(5) biometric authentication
(6) intentional key exposure protection (incl. traitor tracing).
The talk will be introductory and concentrate on items (1)-(3).
--------------------------------------------------------------------------