Paper 2020/1001

Robust distributed symmetric-key encryption

Xunhua Wang and Ben Huson

Abstract

In distributed symmetric-key encryption (DiSE), a set of n distributed servers share a key (or key set) and any t, t <= n, servers can collectively use the shared key (or key set) in a DiSE transaction to encrypt a message or decrypt a ciphertext without reconstructing the shared key (or key set). Each participating server contributes one or more partial results and one participating server called the initiator combines all partial results into a final result. An adversary who has compromised up to (t-1) servers will not be able to access the shared key (or key set). Due to the distributed nature of DiSE, a DiSE server that has been compromised by an adversary may return wrong partial results to the initiator. Worse, multiple DiSE servers compromised by the same adversary may collude to send back wrong partial results. In this article we developed a robust DiSE that allows an honest initiator to detect wrong partial results by an adversary. The robustness of our DiSE is built through redundant computation. Our robust DiSE can detect wrong partial results by an adversary who has compromised up to min(t-1, n-t) servers. Next, the honest-initiator assumption is removed by rotating the initiator role among active servers across multiple DiSE transactions. A scalable, industry-level implementation for the robust DiSE has been developed and two cases, (t=3, n=5) and (t=16, n=24), have been tested to show the feasibility of robust DiSE. Our robust DiSE can be used to build intrusion-tolerant applications, such as intrusion-tolerant database encryption.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint. MINOR revision.
Keywords
Intrusion tolerancerobust computingdistributed symmetric-key encryption (DiSE)robust DiSEthreshold cryptographydistributed pseudo-random function
Contact author(s)
wangxx @ jmu edu
History
2021-04-18: revised
2020-08-18: received
See all versions
Short URL
https://ia.cr/2020/1001
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/1001,
      author = {Xunhua Wang and Ben Huson},
      title = {Robust distributed symmetric-key encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2020/1001},
      year = {2020},
      note = {\url{https://eprint.iacr.org/2020/1001}},
      url = {https://eprint.iacr.org/2020/1001}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.