A Non-Interactive Key-Evolving Protocol to Provide the Intrusion Resilience

Abstract

Key-evolving techniques defend from secret key exposures and allow to extend the basic properties of cryptographic schemes by updating the keys time after time. The intrusion resilience is an example of properties that can be achieved by the use of this concept. Intrusion-resilient cryptosystems imply the presence of a sequence of keys for different time periods and allow to provide the security of unexposed secret keys even if a subset of secret keys of that sequence is compromised. In this paper, we propose a generic construction over underlying key exchange and digital signature schemes that allows to achieve the security level comparable to intrusion-resilient cryptosystems. The proposed key-evolving protocol is intended to use in systems, where a direct interactive channel between users can be absent and the frequency of message exchange is relatively small (for example, like in e-mail applications), so it is not possible to apply usual interactive methods providing the intrusion resilience. The protocol described in this paper allows to provide an adequate security level in terms of key evolving in systems with limited possibilities to perform interactive cryptographic protocols.