Abstract

In this paper, we propose a new notion of timed encryption, in which the encryption is secure within time t while it is completely insecure after some time T>t. We consider the setting where t and T are both polynomial (in the security parameter). This primitive seems useful in applications where some intermediate data needs to be private temporarily while later it is desired to be public. We propose two schemes for this. One is reasonably efficient in the random oracle model; the other is generic without a random oracle. To demonstrate its usefulness, we use it as a building block to construct a new deniable key exchange (KE) protocol. A deniable KE protocol is a protocol that allows two parties to securely agree on a secret while neither of them can prove to a third party the fact of communication. So an honest party can deny his participation in the communication. Our protocol is adaptively deniable and secret in the concurrent and non-eraser model that admits session state reveal attacks and eavesdropping attacks. Here a session state reveal attack in a non-eraser model means that a user does not erase his intermediate data (e.g., due to a system backup) and, when compromised, will hand it out faithfully to an adversary. An eavesdropping attack allows an adversary to eavesdrop transcripts between honest users, in which he is unaware of the randomness. As emphasized by Di Raimondo et al. [14] and Yao and Zhao [30], an eavesdropping attack is very serious toward breaking the deniability. Our protocol is the first to simultaneously achieve all of the above properties without random oracles. The only price we pay is a timing restriction on the protocol execution. However, this restriction is rather weak and is essentially to require a user to answer an incoming message as soon as possible, which can be satisfied by almost all protocols that are executed online.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.