How to Maintain Authenticated Communication in the Presence of Break-ins
Ran Canetti, Shai Halevi, Amir Herzberg
Abstract: Cryptography provides authenticated communication over untrusted channels, as long as the secret keys are not exposed. However, attacks by hackers and insiders often expose secret keys. Such break-in attacks often control the systems only for a limited time, and therefore security may be regained, provided new keys can be selected and installed securely. This proactive recovery operation must be invoked periodically, since the exposure may remain undetected. We consider a highly adversarial scenario where the adversary has complete control over the network, and can also occasionally break into parties, expose and modify their keys. In this setting we present a mechanism which manages to maintain authenticated communication. Using our scheme as a stepping stone, general "higher level" applications for secure multiparty computation, distributed databases, secret sharing, etc., can be performed in this scenario.
Keywords: Authentication, protocols, break-ins, distributed signatures, proactive security.
comment: received May 8th, 1996. An earlier version of this paper was written in February 1994. Major revision was done in November 1995.
contact author: canetti@theory.lca.mit.edu