Sciweavers

CSFW
2009
IEEE

Achieving Security Despite Compromise Using Zero-knowledge

14 years 6 months ago
Achieving Security Despite Compromise Using Zero-knowledge
One of the important challenges when designing and analyzing cryptographic protocols is the enforcement of security properties in the presence of compromised participants. This paper presents a general technique for strengthening cryptographic protocols in order to satisfy authorization policies despite participant compromise. The central idea is to automatically transform the original cryptographic protocols by adding non-interactive zero-knowledge proofs. Each participant proves that the messages sent to the other participants are generated in accordance to the protocol. The zero-knowledge proofs are forwarded to ensure the correct behaviour of all participants involved in the protocol, without revealing any secret data. We use an enhanced type system for zero-knowledge to verify that the transformed protocols conform to their authorization policy even if some participants are compromised. Both the protocol transformation and the verification are fully automated.
Michael Backes, Martin P. Grochulla, Catalin Hritc
Added 20 May 2010
Updated 20 May 2010
Type Conference
Year 2009
Where CSFW
Authors Michael Backes, Martin P. Grochulla, Catalin Hritcu, Matteo Maffei
Comments (0)