Intrusion-resilient key-evolving protocol under the discrete logarithm problem

Abstract

These days, with the advancement and propagation of the Internet and Information Technology, many security issues have emerged. One of keys enabling to deal with such issues is to adopt Cryptography. Unfortunately, cryptography will not work well if a piece of critical information ($\emph{e.g. secret key}$) is not kept secret from unauthorized entities. When the secret key is revealed, all cryptographic systems will be compromised. Actually, exposing secret keys seems to be unavoidable. And we call this the key exposure problem. Recently, the notion of $\emph{key-evolving paradigm (or key-evolving protocol)}$ was proposed as a means of mitigating the harmful effects that key exposure can cause. In this model, the whole lifetime is divided into distinct periods such that at time period j, the signer holds the secret key $SK_j$ and updates it periodically, while the public key PK is fixed during its lifetime. In this thesis, we investigate the key exposure problem in a key-evolving protocol. We then present the concept of intrusion-resilience, one of alternative concepts such as forward-security, key-insulated security, etc., standing against the key exposure problem. Our intrusion-resilience has the following property: If secret keys of all periods are not compromised, it is impossible to forge signatures relating to non-exposed secret keys. In the next stage, we propose a key-evolving protocol which guarantees intrusion-resilience. Our scheme is constructed from the unforgeably secure Schnorr signature scheme, one of the schemes based on the $\emph{discrete logarithm problem}$ (DLP). Applying for a threshold scheme is also enabling to make our scheme robust. Finally, we can show equivalence between existence of a forger and feasibility of solving the DLP under the random oracle model.