M. Backes, Martin P. Grochulla, Catalin Hritcu, Matteo Maffei
Title: Achieving Security Despite Compromise Using Zero-knowledge
Venue: 2009 22nd IEEE Computer Security Foundations Symposium
Publication date: 2009-07-08
DOI: 10.1109/CSF.2009.24 (https://doi.org/10.1109/CSF.2009.24)
Citations: 20
Abstract
One of the important challenges when designing and analyzing cryptographic protocols is the enforcement of security properties in the presence of compromised participants. This paper presents a general technique for strengthening cryptographic protocols in order to satisfy authorization policies despite participant compromise. The central idea is to automatically transform the original cryptographic protocols by adding non-interactive zero-knowledge proofs. Each participant proves that the messages sent to the other participants are generated in accordance with the protocol. The zero-knowledge proofs are forwarded to ensure the correct behavior of all participants involved in the protocol, without revealing any secret data. We use an enhanced type system for zero-knowledge to verify that the transformed protocols conform to their authorization policy even if some participants are compromised. Finally, we developed a tool that automatically generates ML implementations of protocols based on zero-knowledge proofs. The protocol transformation, the verification, and the generation of protocol implementations are fully automated.