MAC Precomputation with Applications to Secure Memory

Garay, Juan A.; Kolesnikov, Vladimir; McLellan, Rae

doi:10.1007/978-3-642-04474-8_34

Cited by 7 publications

(4 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In many cases the available memory within T will not be sufficient to store D or intermediate values during evaluation of f . If needed, T might resort to additional (slow) secure external memory (e.g., [GKM09]). The token T could be instantiated with a cryptographic coprocessor built by a thirdparty manufacturer whom C trusts in a way that T does not leak any information to S. A possible candidate would be the IBM Cryptographic Coprocessor 4758 or its successor 4764 which is certified under FIPS PUB 140-2 [SW99,IBM].…”

Section: Tamper-proof Hardware Token Tmentioning

confidence: 99%

Engineering Secure Two-Party Computation Protocols

Schneider

2012

View full text Add to dashboard Cite

Secure two-party computation, called Secure Function Evaluation (SFE), enables two mutually mistrusting parties (client & server) to evaluate an arbitrary function f on their respective private inputs x, y while revealing nothing but the result z = f (x, y). Although such generic techniques were widely believed to be inefficient, the rapidly growing speed of computers and communication networks, algorithmic improvements, automatic generation and optimizations of SFE protocols have made them usable in practical application scenarios. This thesis summarizes the state of the art in efficient techniques for SFE and presents the following advances in the design, optimization and applications of efficient SFE protocols. Circuit Optimizations and Constructions. The complexity of today's most efficient SFE protocols depends linearly on the size of the boolean circuit representation of the evaluated function. Further, recent techniques for SFE based on improved Garbled Circuits allow for very efficient secure evaluation of XOR gates. We give transformations that substantially reduce the size of boolean circuits if the costs for evaluating XOR gates are lower than for other types of gates. Our optimizations provide more efficient circuits for standard functionalities such as integer comparison and fast multiplication. Applications that benefit from our improvements are secure first-price auctions.

show abstract

Section: Tamper-proof Hardware Token Tmentioning

confidence: 99%

Engineering Secure Two-Party Computation Protocols

Schneider

2012

View full text Add to dashboard Cite

show abstract

“…If needed, T might resort to additional (slow) secure external memory (e.g., [10]). In many cases the available memory within T will not be sufficient to store D or intermediate values during evaluation of f .…”

Section: Tamper-proof Hardware Token Tmentioning

confidence: 99%

Token-Based Cloud Computing

Sadeghi

Schneider

Winandy

2010

Trust and Trustworthy Computing

View full text Add to dashboard Cite

Secure outsourcing of computation to an untrusted (cloud) service provider is becoming more and more important. Pure cryptographic solutions based on fully homomorphic and verifiable encryption, recently proposed, are promising but suffer from very high latency. Other proposals perform the whole computation on tamper-proof hardware and usually suffer from the the same problem. Trusted computing (TC) is another promising approach that uses trusted software and hardware components on computing platforms to provide useful mechanisms such as attestation allowing the data owner to verify the integrity of the cloud and its computation. However, on the one hand these solutions require trust in hardware (CPU, trusted computing modules) that are under the physical control of the cloud provider, and on the other hand they still have to face the challenge of run-time attestation.In this paper we focus on applications where the latency of the computation should be minimized, i.e., the time from submitting the query until receiving the outcome of the computation should be as small as possible. To achieve this we show how to combine a trusted hardware token (e.g., a cryptographic coprocessor or provided by the customer) with Secure Function Evaluation (SFE) to compute arbitrary functions on secret (encrypted) data where the computation leaks no information and is verifiable. The token is used in the setup phase only whereas in the time-critical online phase the cloud computes the encrypted function on encrypted data using symmetric encryption primitives only and without any interaction with other entities.

show abstract

“…In a recent work, Garay et al [9] also address the problem of MAC precomputations. However, they consider MACs in the context of hardware security and show how to perform most of a MAC computation offline, before the message is available.…”

Section: Encrypt-then-macmentioning

confidence: 99%

Delayed-Key Message Authentication for Streams

Fischlin

Lehmann

2010

Theory of Cryptography

View full text Add to dashboard Cite

Abstract. We consider message authentication codes for streams where the key becomes known only at the end of the stream. This usually happens in key-exchange protocols like SSL and TLS where the exchange phase concludes by sending a MAC for the previous transcript and the newly derived key. SSL and TLS provide tailor-made solutions for this problem (modifying HMAC to insert the key only at the end, as in SSL, or using upstream hashing as in TLS). Here we take a formal approach to this problem of delayed-key MACs and provide solutions which are "as secure as schemes where the key would be available right away" but still allow to compute the MACs online even if the key becomes known only later.

show abstract

MAC Precomputation with Applications to Secure Memory

Cited by 7 publications

References 17 publications

Engineering Secure Two-Party Computation Protocols

Engineering Secure Two-Party Computation Protocols

Token-Based Cloud Computing

Delayed-Key Message Authentication for Streams

Contact Info

Product

Resources

About