Cryptographic schemes may suffer from key exposure when deployed in practice. The exposure may stem from cryptanalysis, side-channel leakage, corruption of protocol entities, or human ignorance in key management. To remedy this, the thesis provides solutions along two axes.

First, the thesis investigates limiting the damage of side-channel attacks on message authentication codes (MACs). In particular, it provides a family of MACs that are resilient to differential power analysis and timing attacks. The family includes three concrete designs, each optimized for one of three settings: high-end processors with AES-NI instructions, low-end processors with AES-NI instructions, and low-end processors without AES-NI instructions. When AES-NI is available, the schemes build leakage-resilient PRFs from the AES round function and combine them with AES-based hash functions. Otherwise, the design uses the round function of the ISO-standard Chaskey MAC. These designs achieve optimized security/efficiency trade-offs in their respective settings.

Second, the thesis investigates embedding key updates in distributed encryption (DiE). In detail, it formalizes the notion of updatable distributed encryption (uDiE) and defines its security as message integrity and indistinguishability of updated ciphertexts in the static attacker model. The thesis proposes the first scheme that provably satisfies these definitions. The scheme has low communication overhead during key rotation: (i) clients and the cloud server exchange only ciphertext headers instead of entire ciphertexts; (ii) the communication overhead among clients is independent of the number of ciphertexts that need to be updated.
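To make the header-only key-rotation claim in point (i) concrete, the following is an added illustration (not the thesis's uDiE construction, whose details this abstract does not give) of an envelope-style ciphertext with a header that wraps a per-message data key: rotating the long-term key re-wraps the header and never reads or rewrites the body. The HMAC-SHA256-based encrypt-then-MAC cipher is a constructed stand-in used only to keep the example dependency-free; a deployment would use a real AEAD.

```python
import hashlib
import hmac
import os
import secrets

# Toy encrypt-then-MAC cipher built from HMAC-SHA256 (constructed stand-in for
# an AEAD, chosen only so the example runs offline with the standard library).
def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out = b""
    for i in range((n + 31) // 32):
        out += hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]

def _seal(key: bytes, pt: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def _open(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def encrypt(kek: bytes, msg: bytes) -> tuple[bytes, bytes]:
    """Return (header, body): body is msg under a fresh data key, header wraps that key."""
    dek = secrets.token_bytes(32)
    return _seal(kek, dek), _seal(dek, msg)

def rotate_header(old_kek: bytes, new_kek: bytes, header: bytes) -> bytes:
    """Re-wrap the data key under new_kek; only the fixed-size header is touched."""
    return _seal(new_kek, _open(old_kek, header))

def decrypt(kek: bytes, header: bytes, body: bytes) -> bytes:
    return _open(_open(kek, header), body)

def rotation_demo() -> dict:
    """Rotate one large ciphertext and report what changed and what still works."""
    old_kek, new_kek = secrets.token_bytes(32), secrets.token_bytes(32)
    header, body = encrypt(old_kek, b"constructed sample payload " * 4000)  # ~108 KB body
    new_header = rotate_header(old_kek, new_kek, header)
    try:
        decrypt(old_kek, new_header, body)
        old_key_rejected = False
    except ValueError:
        old_key_rejected = True
    return {"bytes_moved": len(new_header), "body_len": len(body),
            "new_key_ok": decrypt(new_kek, new_header, body) == b"constructed sample payload " * 4000,
            "old_key_rejected": old_key_rejected}
```

`rotation_demo()` shows the rotation moving 80 header bytes regardless of the body size.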