One-way hash chains have been the preferred choice over symmetric and asymmetric key cryptography in security setups where efficiency mattered, despite the ephemeral confidentiality and authentication they assure. Known constructions of one-way chains (for example, SHA-1 based) ensure only forward secrecy and are limited in length, i.e., a priori knowledge of the chain's length is necessary before constructing it. In this paper, we show how our approach, based on chameleon functions, leads to the generation of practically unbounded one-way chains with constant storage and computational requirements. We present the construction and advantages of our proposal with the help of a secure group communication setup. We also provide the implementation details of our construction and argue its suitability for security setups where one cannot a priori determine the longevity of the setup. Copyright 2006 ACM.
Addressing the shortcomings of one-way chains / Di Pietro, Roberto; Durante, Antonio; Mancini, Luigi Vincenzo; Patil, Vishwas. - PRINT. - 2006:(2006), pp. 289-296. (Paper presented at the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS '06, held in Taipei, Taiwan, Province of China, from 21 March 2007 through 24 March 2007) [10.1145/1128817.1128860].
Addressing the shortcomings of one-way chains
MANCINI, Luigi Vincenzo;
2006