skip to main content
10.1145/1030083.1030128acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

The dual receiver cryptosystem and its applications

Published: 25 October 2004 Publication History

Abstract

We put forth the notion of a dual receiver cryptosystem and implement it based on bilinear pairings over certain elliptic curve groups. The cryptosystem is simple and efficient yet powerful, as it solves two problems of practical importance whose solutions have proven to be elusive before:(1) A provably secure "combined" public-key cryptosystem (with a single secret key per user in space-limited environment) where the key is used for both decryption and signing and where encryption can be escrowed and recovered, while the signature capability never leaves its owner. This is an open problem proposed by the work of Haber and Pinkas. (2) A puzzle is a method for rate-limiting remote users by forcing them to solve a computational task (the puzzle). Puzzles have been based on cryptographic challenges in the past, but the successful design of embedding a useful cryptographic task inside a puzzle, originally posed by Dwork and Naor, remained an open problem till today. We model and present "useful security puzzles" applicable in two scenarios: a secure fileserver, and an online transaction server (such as a webserver).

References

[1]
M. Abadi, M. Burrow, M. Manasse, and T. Wobber. Moderately Hard, Memory-bound Functions. In Proceedings of the ISOC Symposium on Network and Distributed Systems Security (SNDSS), February 2003.]]
[2]
B. Aiello, S. Bellovin, M. Blaze, R. Canetti, J. Ioannidis, A. Keromytis, and O. Reingold. Efficient, dos-resistant secure key exchange for internet protocols. In ACM Computers and Communications Security conference (CCS), 2002.]]
[3]
D. Andersen, H. Balakrishnan, M. Kaashoek, and R. Morris. Resilient Overlay Networks. In Proceedings of the 18th Symposium on Operating Systems Principles (SOSP), October 2001.]]
[4]
T. Aura and P. Nikander. Stateless connections. In Proceedings of International Conferenec on Information and Communications Security (ICICS), Lecture Notes in Computer Science volume 1334, pages 87--97. Springer, November 1997.]]
[5]
A. Back. Hashcash - A Denial of Service Counter-Measure. http://www.cypherspace.org/hashcash/hashcash.pdf, August 2002.]]
[6]
D. Boneh and M. Franklin. Identity-based encryption from the Weil pairing. In J. Kilian, editor, Advances in Cryptology | CRYPTO 2001, volume 2139 of Lecture Notes in Computer Science, pages 213--229. Springer-Verlag, 2001.]]
[7]
D. Boneh, B. Lynn, and H. Shacham. Short signatures from the Weil pairing. In C. Boyd, editor, Advances in Cryptology | ASIACRYPT 2001, volume 2248 of Lecture Notes in Computer Science, pages 514--532. Springer-Verlag, 2001.]]
[8]
D. Boneh and M. Naor. Timed Commitments (Extended Abstract). In Proceedings of CRYPTO, pages 236--254, August 2000.]]
[9]
D. Dean and A. Stubblefield. Using Client Puzzles to Protect TLS. In Proceedings of the 10th USENIX UNIX Security Symposium, August 2001.]]
[10]
W. Diffie and M. E. Hellman. New directions in cryptography. IEEE Trans. on Information Theory, IT-22(6):644--654, Nov. 1976.]]
[11]
C. Dwork and M. Naor. Pricing via Processing, or Combating Junk Mail. In Proceedings of CRYPTO, pages 139--147, August 1992.]]
[12]
P. Fouque and D. Pointcheval. Thrshold cryptosystems secure against chosen-ciphertext attacks. In C. Boyd, editor, Advances in Cryptology | ASIACRYPT 2001, volume 2248 of Lecture Notes in Computer Science, pages 351--368. Springer-Verlag, 2001.]]
[13]
Y. Frankel and M. Yung. Escrow encryption systems visited: attacks, analysis and designs. In D. Coppersmith, editor, Advances in Cryptology | CRYPTO 1995, volume 963 of Lecture Notes in Computer Science, pages 222--235. Springer-Verlag, 1995.]]
[14]
G. Frey, M. Müller, and H.-G. R. uck. The Tate pairing and the discrete logarithm applied to elliptic curve cryptosystems. IEEE Transactions on Information Theory, 45(5):1717--1719, 1999.]]
[15]
S. D. Galbraith, K. Harrison, and D. Soldera. Implementing the Tate pairing. In C. Fieker and D. R. Kohel, editors, Proc. Algorithmic Number Theory, 5th International Symposium (ANTS-V), volume 2369 of Lecture Notes in Computer Science, pages 324--337. Springer-Verlag, 2002.]]
[16]
J. A. Garay and M. Jakobsson. Timed Release of Standard Digital Signatures. In Proceedings of the 6th Conference on Financial Cryptography, pages 168--182, February 2002.]]
[17]
C. Gentry and A. Silverberg. Hierarchical ID-based cryptography. In Y. Zheng, editor, Advances in Cryptology | ASIACRYPT 2002, volume 2501 of Lecture Notes in Computer Science, pages 548--566. Springer-Verlag, 2002.]]
[18]
V. D. Gligor. Guaranteeing Access in Spite of Distributed Service-Flooding Attacks. In Proceedings of the Security Protocols Workshop, April 2003.]]
[19]
S. Goldwasser and S. Micali. Probabilistic encryption. Journal of Computer and System Sciences, 28(2):270--299, Apr. 1984.]]
[20]
S. Goldwasser, S. Micali, and R. Rivest. A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing, 17(2):281--308, Apr. 1988.]]
[21]
S. Haber and B. Pinkas. Securely combining public-key cryptosystems. In P. Samarti, editor, Proc. 8th ACM Conference on Computer and Communications Security, pages 215--224. ACM Press, 2001.]]
[22]
D. Harkins and D. Carrel. The Internet Key Exchange (IKE). Request for Comments (Proposed Standard) 2409, Internet Engineering Task Force, Nov. 1998.]]
[23]
L. Heberlein and M. Bishop. Attack Class: Address Spoofing. In Proceedings of the 19th National Information Systems Security Conference, pages 371--377, October 1996.]]
[24]
S. Hirose and K. Matsuura. Enhancing the resistance of a provably secure key agreement protocol to a denial-of-service attack. In Proceedings of the 2nd International Conference on Information and Communication Security (ICICS), pages 169--182, November 1999.]]
[25]
K. Houle, G. Weaver, N. Long, and R. Thomas. Trends in Denial of Service Attack Technology. http://www.cert.org/archive/pdf/DoS_trends.pdf, October 2001.]]
[26]
M. Jakobsson and A. Juels. Proofs of Work and Bread Pudding Protocols. In Proceedings of the IFIP TC6 and TC11 Joint Working Conference on Communications and Multimedia Security, September 1999.]]
[27]
P. Janson, G. Tsudik, and M. Yung. Scalability and flexibility in authentication services: the KryptoKnight approach. In Proceedings of IEEE INFOCOM, pages 725--736, April 1997.]]
[28]
A. Joux. A one-round protocol for tripartite Diffie-Hellman. In W. Bosma, editor, Proc. Algorithmic Number Theory, 4th International Symposium (ANTS-IV), volume 1838 of Lecture Notes in Computer Science, pages 385--394. Springer-Verlag, 2000.]]
[29]
A. Joux. The Weil and Tate pairings as building blocks for public key cryptosystems. In C. Fieker and D. R. Kohel, editors, Proc. Algorithmic Number Theory, 5th International Symposium (ANTS-V), volume 2369 of Lecture Notes in Computer Science, pages 20--32. Springer-Verlag, 2002.]]
[30]
A. Joux and K. Nguyen. Separating Decision Diffie-Hellman from Diffie-Hellman in cryptographic groups. Manuscript. Available from eprint.iacr.org, 2001.]]
[31]
A. Juels and J. Brainard. Client puzzles: A cryptographic countermeasure against connection depletion attacks. In Proceedings of the ISOC Symposium on Network and Distributed Systems Security (SNDSS), pages 151--165, February 1999.]]
[32]
P. Karn and W. Simpson. Photuris: Session-key management protocol. Request for Comments (Experimental) 2522, Internet Engineering Task Force, Mar. 1999.]]
[33]
C. Kaufman, R. Perlman, and M. Speciner. Network Security, 2nd Edition. Prentice Hall, 2002.]]
[34]
A. D. Keromytis, V. Misra, and D. Rubenstein. SOS: Secure Overlay Services. In Proceedings of ACM SIGCOMM, pages 61--72, August 2002.]]
[35]
J. Leiwo, P. Nikander, and T. Aura. Towards network denial of service resistant protocols. In Proceedings of the 15th International Information Security Conference (IFIP/SEC), August 2000.]]
[36]
J. Lemmon. Resisting SYN-flood DoS Attacks with a SYN Cache. In Proceedings of the USENIX BSD Conference (BSDCon), February 2001.]]
[37]
M. Naor and M. Yung. Public-key cryptosystems provably secure against chosen ciphertext attacks. In Proc. 22nd Annual ACM Symposium on Theory of Computing (STOC), volume 547 of Lecture Notes in Computer Science, pages 427--437. Springer-Verlag, 1990.]]
[38]
T. Okamoto and D. Pointcheval. REACT: Rapid enhanced-security asymmetric cryptosystem transform. In B. Preneel, editor, Topics in Cryptology | CT-RSA 2002, volume 2271 of Lecture Notes in Computer Science, pages 159--175. Springer-Verlag, 2002.]]
[39]
R. Oppliger. Protecting key exchange and management protocols against resource clogging attacks. In Proceedings of the IFIP TC6 and TC11 Joint Working Conference on Communications and Multimedia Security (CMS), pages 163--175, September 1999.]]
[40]
B. Pinkas. Personal communication.]]
[41]
C. Racko and D. R. Simon. Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In J. Feigenbaum, editor, Advances in Cryptology | CRYPTO 1991, volume 576 of Lecture Notes in Computer Science, pages 433--444. Springer-Verlag, 1991.]]
[42]
R. Rivest and A. Shamir. PayWord and MicroMint. CryptoBytes, 2(1):7--11, 1996.]]
[43]
R. L. Rivest, A. Shamir, and D. A. Wagner. Time-lock Puzzles and Timed-release Crypto. Technical Report MIT/LCS/TR-684, MIT, 1996.]]
[44]
K. Rubin and A. Silverberg. Supersingular abelian varieties in cryptography. In M. Yung, editor, Advances in Cryptology | CRYPTO 2002, volume 2442 of Lecture Notes in Computer Science, pages 336--353. Springer-Verlag, 2002.]]
[45]
C. Schuba, I. Krsul, M. Kuhn, E. Spafford, A. Sundaram, and D. Zamboni. Analysis of a Denial of Service Attack on TCP. In IEEE Security and Privacy Conference, pages 208--223, May 1997.]]
[46]
E. R. Verheul. Evidence that XTR is more secure than supersingluar elliptic curve cryptosystems. In B. Pfizmann, editor, Advances in Cryptology | EUROCRYPT 2001, volume 2045 of Lecture Notes in Computer Science, pages 195--210. Springer-Verlag, 2001.]]
[47]
X. Wang and M. K. Reiter. Defending Against Denial-of-Service Attacks with Puzzle Auctions (Extended Abstract). In Proceedings of the IEEE Symposium on Security and Privacy, May 2003.]]
[48]
A. D. Wood and J. A. Stankovic. Denial of Service in Sensor Networks. IEEE Computer, 35(10):54--62, Oct. 2002.]]
[49]
A. Yaar, A. Perrig, and D. Song. SIFF: A Stateless Internet Flow Filter to Mitigate DDoS Flooding Attacks. In Proceedings of the IEEE Security and Privacy Symposium, May 2004.]]

Cited By

View all

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
CCS '04: Proceedings of the 11th ACM conference on Computer and communications security
October 2004
376 pages
ISBN:1581139616
DOI:10.1145/1030083
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 October 2004

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. digital signature
  2. elliptic curves
  3. key escrow
  4. pairing-based cryptography
  5. public key
  6. puzzles
  7. useful secure computation

Qualifiers

  • Article

Conference

CCS04
Sponsor:

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)8
  • Downloads (Last 6 weeks)0
Reflects downloads up to 20 Jan 2025

Other Metrics

Citations

Cited By

View all

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media