Paper 2022/1209
Puncturable Key Wrapping and Its Applications
, ETH Zurich, ETH Zurich, ETH ZurichAbstract
We introduce puncturable key wrapping (PKW), a new cryptographic primitive that supports fine-grained forward security properties in symmetric key hierarchies. We develop syntax and security definitions, along with provably secure constructions for PKW from simpler components (AEAD schemes and puncturable PRFs). We show how PKW can be applied in two distinct scenarios. First, we show how to use PKW to achieve forward security for TLS 1.3 0-RTT session resumption, even when the server's long-term key for generating session tickets gets compromised. This extends and corrects a recent work of Aviram, Gellert, and Jager (Journal of Cryptology, 2021). Second, we show how to use PKW to build a protected file storage system with file shredding, wherein a client can outsource encrypted files to a potentially malicious or corrupted cloud server whilst achieving strong forward-security guarantees, relying only on local key updates.
Note: Add key rap.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2022
- Keywords
- Puncturing Forward security Key wrapping PPRF TLS Protected file storage
- Contact author(s)
-
mbackendal @ inf ethz ch
mail @ felixguenther info
kenny paterson @ inf ethz ch - History
- 2022-12-04: revised
- 2022-09-13: received
- See all versions
- Short URL
- https://ia.cr/2022/1209
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1209,
author = {Matilda Backendal and Felix Günther and Kenneth G. Paterson},
title = {Puncturable Key Wrapping and Its Applications},
howpublished = {Cryptology ePrint Archive, Paper 2022/1209},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/1209}},
url = {https://eprint.iacr.org/2022/1209}
}
