71 research outputs found

    Information-Theoretic Timed-Release Security: Key-Agreement, Encryption, and Authentication Codes

    In this paper, we study timed-release cryptography with information-theoretic security. As fundamental cryptographic primitives with information-theoretic security, we can consider key-agreement, encryption, and authentication codes. Therefore, in this paper we deal with information-theoretic timed-release security for all those primitives. Specifically, we propose models and formalizations of security for information-theoretic timed-release key-agreement, encryption, and authentication codes; we also derive tight lower bounds on entities' memory-sizes required for all those ones; and we show optimal constructions of all those ones. Furthermore, we investigate a relationship of mechanisms between information-theoretic timed-release key-agreement and information-theoretic key-insulated key-agreement. It turns out that there exists a simple algorithm which converts the former into the latter, and vice versa. In the sense, we conclude that these two mechanisms are essentially close

    Information-Theoretic Representation of Network Interception Channel Virtualization

    The most difficult task of secure telecommunication systems using symmetric encryption, due to the need for preliminary and resource-intensive organization of secret channels for delivering keys to network correspondents, is key management. An alternative is the generating keys methods through open communication channels. In information theory, it is shown that these methods are implemented under the condition that the channel information rate of correspondents exceeds the rate of the intruder interception channel. The search for methods that provide the informational advantage of correspondents is being updated. The goal is to determine the information-theoretical conditions for the formation of a virtual network and an interception channel, for which the best ratio of information speeds for correspondents is provided compared to the ratio of the original network and interception channel. The paper proposes an information transfer model that includes a connectivity model and an information transfer method for asymptotic lengths of code words. The model includes three correspondents and is characterized by the introduction of an ideal broadcast channel in addition to an errored broadcast channel. The model introduces a source of "noisy" information, which is transmitted over the channel with errors, so the transmission of code words using the known method of random coding is carried out over the channel without errors. For asymptotic lengths of code words, all actions of correspondents in processing and transmitting information in the model are reduced to the proposed method of transmitting information. 
The use of the method by correspondents within the framework of the transmission model makes it possible to simultaneously form for them a new virtual broadcast channel with information rate as in the original channel with errors, and for the intruder a new virtual broadcast interception channel with a rate lower than the information rate of the initial interception channel. The information-theoretic conditions for deterioration of the interception channel are proved in the statement. The practical significance of the results obtained lies in the possibility of using the latter to assess the information efficiency of open network key formation in the proposed information transfer model, as well as in the development of well-known scientific achievements of open key agreement. The proposed transmission model can be useful for researching key management systems and protecting information transmitted over open channels. Further research is related to the information-theoretic assessment of the network key throughput, which is the potential information-theoretic speed of network key formation.

    Simultaneous Secrecy and Reliability Amplification for a General Channel Model

    We present a general notion of channel for cryptographic purposes, which can model either a (classical) physical channel or the consequences of a cryptographic protocol, or any hybrid. We consider simultaneous secrecy and reliability amplification for such channels. We show that simultaneous secrecy and reliability amplification is not possible for the most general model of channel, but, at least for some values of the parameters, it is possible for a restricted class of channels that still includes both standard information-theoretic channels and keyless cryptographic protocols. Even in the restricted model, we require that for the original channel, the failure chance for the attacker must be a factor $c$ more than that for the intended receiver. We show that for any $c > 4$, there is a one-way protocol (where the sender sends information to the receiver only) which achieves simultaneous secrecy and reliability. From results of Holenstein and Renner (CRYPTO'05), there are no such one-way protocols for c1.5c 1.5, there are two-way protocols that achieve simultaneous secrecy and reliability. We propose using similar models to address other questions in the theory of cryptography, such as using noisy channels for secret agreement, trade-offs between reliability and secrecy, and the equivalence of various notions of oblivious channels and secure computation

    Distributed Source Coding with Encryption Using Correlated Keys

    We pose and investigate the distributed secure source coding based on the common key cryptosystem. This cryptosystem includes the secrecy amplification problem for distributed encrypted sources with correlated keys using post-encryption-compression, which was posed and investigated by Santoso and Oohama. In this paper we propose another new security criterion which is generally more strict compared to the commonly used security criterion which is based on the upper-bound of mutual information between the plaintext and the ciphertext. Under this criterion, we establish the necessary and sufficient condition for the secure transmission of correlated sources. Comment: 7 pages, 3 figures. The short version was submitted to ISIT 2021. We have some typos in the short version. Those are fixed in this version. arXiv admin note: text overlap with arXiv:1801.0492

    A Reflection on the Security of Two-Party Key Establishment Protocols

    Two-party key establishment has been a very fruitful research area in cryptography, with many security models and numerous protocols proposed. In this paper, we take another look at the YAK protocol and the HMQV protocols and present some extended analysis. Motivated by our analysis, we reflect on the security properties that are desired by two-party key establishment protocols, and their formalizations. In particular, we take into account the interface between a key establishment protocol and the applications which may invoke it, and emphasize the concept of session and the usage of session identifier. Moreover, we show how to design a two-party key establishment protocol to achieve both key authentication and entity authentication properties in our security model

    FRAMEWORK FOR ANONYMIZED COVERT COMMUNICATIONS: A BLOCKCHAIN-BASED PROOF-OF-CONCEPT

    In this dissertation, we present an information hiding approach incorporating anonymity that builds on existing classical steganographic models. Current security definitions are not sufficient to analyze the proposed information hiding approach as steganography offers data privacy by hiding the existence of data, a property that is distinct from confidentiality (data existence is known but access is restricted) and authenticity (data existence is known but manipulation is restricted). Combinations of the latter two properties are common in analyses, such as Authenticated Encryption with Associated Data (AEAD), yet there is a lack of research on combinations with steganography. This dissertation also introduces the security definition of Authenticated Stegotext with Associated Data (ASAD), which captures steganographic properties even when there is contextual information provided alongside the hidden data. We develop a hierarchical framework of ASAD variants, corresponding to different channel demands. We present a real-world steganographic embedding scheme, Authenticated SteGotext with Associated tRansaction Data (ASGARD), that leverages a blockchain-based application as a medium for sending hidden data. We analyze ASGARD in our framework and show that it meets Level-4 ASAD security. Finally, we implement ASGARD on the Ethereum platform as a proof-of-concept and analyze some of the ways an adversary might detect our embedding activity by analyzing historical Ethereum data. Lieutenant, United States Navy. Approved for public release. Distribution is unlimited

    Structured Intuition: A Methodology to Analyse Entity Authentication
