Abstract
Consider a multiparty system where parties may occasionally be “infected” by malicious, coordinated agents, called viruses. After some time the virus is expelled and the party wishes to regain its security. Since the leaving virus knows the entire contents of the infected party’s memory, a source of “fresh” randomness seems essential for regaining security (e.g., for selecting new keys). However, such an “on-line” source of randomness may not always be readily available.
We describe a scheme which, using randomness only at the beginning of the computation, supplies each party with a new pseudorandom number at each round of communication. Each generated number is unpredictable by an adversary controlling the viruses, even if the party was infected in previous rounds. Our scheme is valid as long as in each round there is at least one noninfected party, and some of the communication links are secure.
We describe an important application of our scheme to secure sign-on protocols.
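The following is an added illustration, written for this page and not taken from the paper; it is a constructed toy model of the idea in the abstract, not the authors' actual construction. It assumes HMAC-SHA256 as the pseudorandom function, assumes every pairwise link is secure, and models a virus as an adversary who learns the complete state of each infected party at the end of a round. It shows the two properties the abstract claims: after initial seeding no new randomness is consumed, yet every party gets a fresh value each round, and a party's next value cannot be reproduced from the states of the infected parties alone as long as at least one party was not infected.

```python
import hashlib
import hmac
import os

# Constructed toy model (illustrative only, not the paper's scheme).
# Each party holds a secret state. Every round, each party derives one
# contribution per peer with a PRF keyed by its current state, "sends" it to
# that peer over an assumed-secure link, and replaces its own state with the
# hash of all contributions it received (including its own). No fresh
# randomness enters after the initial seeding.


def prf(key: bytes, msg: bytes) -> bytes:
    """Pseudorandom function; HMAC-SHA256 is an assumption of this toy model."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def contribution(state: bytes, sender: int, receiver: int, rnd: int) -> bytes:
    """Value `sender` derives from its state for `receiver` in round `rnd`."""
    return prf(state, f"contrib|{sender}|{receiver}|{rnd}".encode())


def refresh(states: list[bytes], rnd: int) -> list[bytes]:
    """One round: every party's next state depends on every party's current state."""
    n = len(states)
    new_states = []
    for i in range(n):
        h = hashlib.sha256(f"refresh|{i}|{rnd}".encode())
        for j in range(n):
            h.update(contribution(states[j], j, i, rnd))
        new_states.append(h.digest())
    return new_states


def output(state: bytes, party: int, rnd: int) -> bytes:
    """The pseudorandom number `party` uses in round `rnd`."""
    return prf(state, f"output|{party}|{rnd}".encode())


def run(initial: list[bytes], rounds: int) -> list[list[bytes]]:
    """history[r] holds the parties' states at the start of round r."""
    history = [list(initial)]
    for r in range(rounds):
        history.append(refresh(history[-1], r))
    return history


def adversary_predicts(history, infected: set[int], target: int, rnd: int) -> bool:
    """The adversary learned the round-(rnd-1) states of the parties in
    `infected` (a virus dumps the whole memory). It tries to recompute
    `target`'s round-`rnd` output by re-running the refresh with the states it
    knows and a fixed guess for the others. True iff the prediction is right."""
    prev = history[rnd - 1]
    guessed = [prev[j] if j in infected else bytes(32) for j in range(len(prev))]
    predicted_state = refresh(guessed, rnd - 1)[target]
    return output(predicted_state, target, rnd) == output(history[rnd][target], target, rnd)


if __name__ == "__main__":
    # Initial seeding is the only place true randomness is used.
    seeds = [os.urandom(32) for _ in range(3)]
    hist = run(seeds, 3)
    for r in range(1, 4):
        print(f"round {r} party 0 value: {output(hist[r][0], 0, r).hex()[:16]}...")
    # Party 0 was infected in round 1, party 1 stayed clean: no prediction.
    print("adversary with {0,2} predicts party 0 in round 2:",
          adversary_predicts(hist, {0, 2}, 0, 2))
    # Every party infected in the same round: the condition is violated.
    print("adversary with {0,1,2} predicts party 0 in round 2:",
          adversary_predicts(hist, {0, 1, 2}, 0, 2))
```

The `adversary_predicts` check is deliberately crude (the adversary fills unknown states with a constant) because the point is the dependency structure rather than a cryptographic proof: whenever some party's state is missing from the adversary's view, the refresh hash for every party changes, so even a party whose entire memory was dumped in the previous round receives a value the adversary did not see coming.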
Part of this research was done while visiting IBM T.J. Watson Research Center. Supported by grant no. 92-00226 from the United States — Israel Binational Science Foundation, Jerusalem, Israel.
© 1994 Springer-Verlag Berlin Heidelberg
Cite this paper
Canetti, R., Herzberg, A. (1994). Maintaining Security in the Presence of Transient Faults. In: Desmedt, Y.G. (eds) Advances in Cryptology — CRYPTO ’94. CRYPTO 1994. Lecture Notes in Computer Science, vol 839. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48658-5_38
DOI: https://doi.org/10.1007/3-540-48658-5_38
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-58333-2
Online ISBN: 978-3-540-48658-9