Abstract
Consider a multiparty system where parties may occasionally be “infected” by malicious, coordinated agents, called viruses. After some time the virus is expelled and the party wishes to regain its security. Since the leaving virus knows the entire contents of the infected party’s memory, a source of “fresh” randomness seems essential for regaining security (e.g., for selecting new keys). However, such an “on-line” source of randomness may not be always readily available. We describe a scheme which, using randomness only at the beginning of the computation, supplies each party with a new pseudorandom number at each round of communication. Each generated number is unpredictable by an adversary controlling the viruses, even if the party was infected in previous rounds. Our scheme is valid as long as in each round there is at least one noninfected party, and some of the communication links are secure. We describe an important application of our scheme to secure sign-on protocols.
Original language | English |
---|---|
Title of host publication | Advances in Cryptology — CRYPTO 1994 - 14th Annual International Cryptology Conference, Proceedings |
Editors | Yvo G. Desmedt |
Publisher | Springer Verlag |
Pages | 425-438 |
Number of pages | 14 |
ISBN (Print) | 9783540583332 |
DOIs | |
State | Published - 1994 |
Externally published | Yes |
Event | 14th Annual International Cryptology Conference, CRYPTO 1994 - Santa Barbara, United States. Duration: 21 Aug 1994 → 25 Aug 1994 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 839 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 14th Annual International Cryptology Conference, CRYPTO 1994 |
---|---|
Country/Territory | United States |
City | Santa Barbara |
Period | 21/08/94 → 25/08/94 |
Bibliographical note
Publisher Copyright: © Springer-Verlag Berlin Heidelberg 1994.
Funding
Traditionally, cryptography was focused on protecting interacting parties (i.e., computers) against external malicious entities. Such cryptographic tasks include private communication over insecure channels, authentication of parties, unforgeable signatures, and general multiparty secure computation. An inherent property of all these scenarios is that once a party is “corrupted” it remains this way. However, as computers become more complex, internal attacks on computers (i.e., attacks that corrupt components within a computer) have become an even more important security threat [LE93, Sto88]. Such attacks may be performed by internal (human) fraud, operating system weaknesses, or Trojan horse software (e.g., viruses). Security administrators often find internal attacks more alarming than external attacks, such as line tappings. An important property of internal

* Part of this research was done while visiting IBM T.J. Watson Research Center. Supported by grant no. 92-00226 from the United States - Israel Binational Science Foundation, Jerusalem, Israel.
Funders | Funder number |
---|---|
United States - Israel Binational Agricultural Research and Development Fund | |