License: Creative Commons Attribution 4.0 International license (CC BY 4.0)
When quoting this document, please refer to the following
DOI: 10.4230/LIPIcs.ITC.2021.25
URN: urn:nbn:de:0030-drops-143447
URL: http://dagstuhl.sunsite.rwth-aachen.de/volltexte/2021/14344/


Choi, Gwangbae ; Durak, F. Betül ; Vaudenay, Serge

Post-Compromise Security in Self-Encryption

pdf-format:
LIPIcs-ITC-2021-25.pdf (0.9 MB)


Abstract

In self-encryption, a device encrypts some piece of information for itself to decrypt in the future. We are interested in the security of self-encryption when the state occasionally leaks. Applications that use self-encryption include cloud storage, where a client encrypts files to be stored, and 0-RTT session resumption, where a server encrypts a resumption key to be kept by the client. Previous works focused on forward security and resistance to replay attacks. In our work, we study post-compromise security (PCS). PCS was achieved in ratcheted instant messaging schemes, at the price of having an inflating state size. An open question was whether state inflation was necessary. In our results, we prove that post-compromise security implies a super-linear state size in terms of the number of active ciphertexts which can still be decrypted. We apply our result to self-encryption for cloud storage, 0-RTT session resumption, and secure messaging. We further show how to construct a secure scheme matching our bound on the state size up to a constant factor.

BibTeX - Entry

@InProceedings{choi_et_al:LIPIcs.ITC.2021.25,
  author =	{Choi, Gwangbae and Durak, F. Bet\"{u}l and Vaudenay, Serge},
  title =	{{Post-Compromise Security in Self-Encryption}},
  booktitle =	{2nd Conference on Information-Theoretic Cryptography (ITC 2021)},
  pages =	{25:1--25:23},
  series =	{Leibniz International Proceedings in Informatics (LIPIcs)},
  ISBN =	{978-3-95977-197-9},
  ISSN =	{1868-8969},
  year =	{2021},
  volume =	{199},
  editor =	{Tessaro, Stefano},
  publisher =	{Schloss Dagstuhl -- Leibniz-Zentrum f{\"u}r Informatik},
  address =	{Dagstuhl, Germany},
  URL =		{https://drops.dagstuhl.de/opus/volltexte/2021/14344},
  URN =		{urn:nbn:de:0030-drops-143447},
  doi =		{10.4230/LIPIcs.ITC.2021.25},
  annote =	{Keywords: Encryption, Ratchet, Post-Compromise Security, Instant Messaging, Session Resumption, Cloud Storage}
}

Keywords: Encryption, Ratchet, Post-Compromise Security, Instant Messaging, Session Resumption, Cloud Storage
Collection: 2nd Conference on Information-Theoretic Cryptography (ITC 2021)
Issue Date: 2021
Date of publication: 19.07.2021

