From Stateful Hardware to Resettable Hardware Using Symmetric Assumptions

Döttling, Nico; Kraschewski, Daniel; Müller-Quade, Jörn; Nilges, Tobias

doi:10.1007/978-3-319-26059-4_2

Cited by 6 publications

(3 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Here we show that the notion of quantum DMACs is powerful enough to turn any stateful and classically-queried classical oracle into a stateless one. Our technique follows the approach of Döttling et al [27]. We model a stateful oracle as a stateless oracle together with a stateful database that stores the queries.…”

Section: Reducing Stateful To Stateless Oraclesmentioning

confidence: 99%

Cryptography with Disposable Backdoors

et al. 2019

View full text Add to dashboard Cite

Backdooring cryptographic algorithms is an indisputable taboo in the cryptographic literature for a good reason: however noble the intentions, backdoors might fall in the wrong hands, in which case security is completely compromised. Nonetheless, more and more legislative pressure is being produced to enforce the use of such backdoors. In this work we introduce the concept of disposable cryptographic backdoors which can be used only once and become useless after that. These exotic primitives are impossible in the classical digital world without stateful and secure trusted hardware support, but, as we show, are feasible assuming quantum computation and access to classical stateless hardware tokens. Concretely, we construct a disposable (single-use) version of message authentication codes, and use them to derive a black-box construction of stateful hardware tokens in the above setting with quantum computation and classical stateless hardware tokens. This can be viewed as a generic transformation from stateful to stateless tokens and enables, among other things, one-time programs and memories. This is to our knowledge the first provably secure construction of such primitives from stateless tokens. As an application of disposable cryptographic backdoors we use our constructed primitive above to propose a middle-ground solution to the recent legislative push to backdoor cryptography: the conflict between Apple and FBI. We show that it is possible for Apple to create a one-time backdoor which unlocks any single device, and not even Apple can use it to unlock more than one, i.e., the backdoor becomes useless after it is used. We further describe how to use our ideas to derive a version of CCA-secure public key encryption, which is accompanied with a disposable (i.e., single-use, as in the above scenario) backdoor.

show abstract

Section: Reducing Stateful To Stateless Oraclesmentioning

confidence: 99%

Cryptography with Disposable Backdoors

et al. 2019

View full text Add to dashboard Cite

show abstract

“…Other approaches as shown in e.g. [17,18,20] are more efficient, but require the token code and therefore cannot be reused.…”

Section: Related Workmentioning

confidence: 99%

“…First, stateful tamper-proof hardware was considered [14,17,24,26,33,38], then weaker models of tamper-proof hardware, where the hardware token cannot reliably keep a state, i.e. the receiver can reset the token [11,12,15,[18][19][20][25][26][27][28]34].…”

Section: Introductionmentioning

confidence: 99%

Reusing Tamper-Proof Hardware in UC-Secure Protocols

Mechler

Müller-Quade

Nilges

2018

Public-Key Cryptography – PKC 2018

Self Cite

View full text Add to dashboard Cite

Universally composable protocols provide security even in highly complex environments like the Internet. Without setup assumptions, however, UC-secure realizations of cryptographic tasks are impossible. Tamper-proof hardware tokens, e.g. smart cards and USB tokens, can be used for this purpose. Apart from the fact that they are widely available, they are also cheap to manufacture and well understood.Currently considered protocols, however, suffer from two major drawbacks that impede their practical realization:-The functionality of the tokens is protocol-specific, i.e. each protocol requires a token functionality tailored to its need. -Different protocols cannot reuse the same token even if they require the same functionality from the token, because this would render the protocols insecure in current models of tamper-proof hardware. In this paper we address these problems. First and foremost, we propose formalizations of tamper-proof hardware as an untrusted and global setup assumption. Modeling the token as a global setup naturally allows to reuse the tokens for arbitrary protocols. Concerning a versatile token functionality we choose a simple signature functionality, i.e. the tokens can be instantiated with currently available signature cards. Based on this we present solutions for a large class of cryptographic tasks.

show abstract