| Cryptographic computations (such as: encrypting or signing messages) are often performed on insecure devices. Once adversaries access to these devices, key exposure will be inevitable. For any standard cryptosystem, key exposure means that all of the security is lost. In order to reduce the damage caused by key exposure, Anderson proposed the concept of forward security in 1997. In a forward-secure cryptosystem, the secret key is updated at regular periods of time using a one-way function. Exposure of the secret key corresponding to a given time period does not enable an adversary to break the cryptosystem for any prior time period.This thesis proposes several schemes as follow:1. This thesis proposes a method to transform any standard encryption scheme to a forward secure one. The efficiency of this scheme is very high.2. This thesis proposes a new approach to update the secret key. The revers of this approach is a hard problem. Though this problem is easier than the discrete logarithm problem, computing discrete logarithm is the most efficient method to solve the problem by far.3. Combining the new key updating approach with the ElGamal encryption scheme and the Cramer-Shoup encryption scheme respectively, this thesis gives two forward secure schemes: FS-CPA-PKE scheme and FS-CCA2-PKE scheme. The FS-CPA-PKE scheme is a heuristic forward secure encryption scheme, and achieves chosen plaintext attack security. The FS-CCA2-PKE scheme is an adaptive chosen ciphertext attack secure scheme, and all parameters are independent of the total number of time periods. These parameters include the length of the public key, private key and ciphertext, the amount of calculation of encrypting and decrypting.4. This thesis presents a forward secure signature scheme using certification chain. Construction process of this sheme can be seen as a standard method to transform any signature into a forward secure one. This method has a fixed length of the public key, private key and signature. The signing algorithm and verifying algorithm are very efficient.5. Combining the new key updating approach with the Schnorr signature, this thesis proposes FS-Sign-2 scheme. FS-Sign-2 scheme is a forward secure signature against adaptive chosen message attack. This scheme has many good properties: all the parameters is fixed, not growing with the increase of the total number of times periods. It is the first one achieving this goal.6. This thesis presents a forward secure group key exchange protocol. This protocol is a dynamic scheme, and is very efficient. It has provable security against any adaptive adversary. |
PDF Full Text Request