Paper 2009/286

On Privacy Losses in the Trusted Agent Model (Abstract)

Paulo Mateus and Serge Vaudenay

Abstract

Tamper-proof devices are pretty powerful. They typically make security applications simpler (provided that the tamper-proof assumption is not violated). For application requiring privacy, we observe that some properties may become harder (if possible at all) to achieve when devices are maliciously used. We take the example of deniability, receipt-freeness, and anonymity. We formalize the trusted agent model which assumes tamper-proof hardware in a way which captures the notion of programmable secure hardware. This model defines a functionality relative to which deniability requires provers to use a tamper proof hardware. Otherwise, any asymmetric situation in which the malicious verifiers have more powerful tamper-proof devices than the honest ones makes deniability impossible. We conclude by observing that the ability to put boundaries in computing devices prevents from providing full control on how private information spreads: the concept of sealing a device is in some sense incompatible with some privacy notions.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Presented as a poster at EUROCRYPT'09. Follow up publication at CHES'09.
Keywords
tamper-proof resistancesetup assumptions
Contact author(s)
serge vaudenay @ epfl ch
History
2009-06-16: received
Short URL
https://ia.cr/2009/286
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2009/286,
      author = {Paulo Mateus and Serge Vaudenay},
      title = {On Privacy Losses in the Trusted Agent Model (Abstract)},
      howpublished = {Cryptology ePrint Archive, Paper 2009/286},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/286}},
      url = {https://eprint.iacr.org/2009/286}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.