two head dragon protocol
play

Two-Head Dragon Protocol Introduction Two-Head Preventing Cloning - PowerPoint PPT Presentation

Sep 01, 2022 •341 likes •707 views

Two-Head Dragon Protocol P . Kubiak Two-Head Dragon Protocol Introduction Two-Head Preventing Cloning of Signature Keys Dragon Signatures An Exemplary Realization Przemysaw Ba skiewicz, Przemysaw Kubiak, Mirosaw Kutyowski

  1. Two-Head Dragon Protocol P . Kubiak Two-Head Dragon Protocol Introduction Two-Head Preventing Cloning of Signature Keys Dragon Signatures An Exemplary Realization Przemysław Bła´ skiewicz, Przemysław Kubiak, Mirosław Kutyłowski Wrocław University of Technology INTRUST 2010, Beijing, 14.12.2010

  2. Security threats for private keys on a smart card Two-Head Dragon Protocol P . Kubiak Main concerns: Introduction keys generated on the card: quality of randomness on Two-Head Dragon a smart card might be insufficient, Signatures An Exemplary keys generated by the service provider: key copies out Realization of control of a signer, key leakage by side channel analysis, malicious implementation (e.g. kleptographic leakage of private keys via signatures or public keys).

  3. Smart cards certification: Two-Head Dragon Protocol P . Kubiak Introduction Two-Head Certification of the product Dragon Signatures increasingly complex and costly, An Exemplary Realization users must trust certification bodies, are the certified and the delivered products the same? (it is infeasible to inspect tamper-proof devices)

  4. Another approach Two-Head Dragon Protocol Make evaluation of the product easier for the end-user. P . Kubiak Move responsibility and internal tests to the Introduction manufacturer. Two-Head Dragon Signatures An Exemplary Realization

  5. Another approach Two-Head Dragon Protocol Make evaluation of the product easier for the end-user. P . Kubiak Move responsibility and internal tests to the Introduction manufacturer. Two-Head Dragon Signatures Thus An Exemplary Realization Verify behavior also at the protocol level (examples: tamper evidence protocols, e-voting systems). At least two mechanisms possible: detection of misbehavior (e.g. a central server periodically changing internal state of smart cards) imposing penalty on the card manufacturer (Two-Head Dragon),

  6. Assumptions: Two-Head Dragon Protocol P . Kubiak We assume that an adversary is able to get all secret Introduction keys present on the smart-card (unlike for fail-stop Two-Head Dragon protocols). Signatures If the signature keys are used by the adversary, then An Exemplary Realization they should become publicly known and the owner of the smart card may effectively deny all signatures made. Hence, there is no reason to forge a signature by an adversary .

  7. Two-Head Dragon Protocol P . Kubiak Introduction Two-Head Dragon Signatures An Exemplary The Idea of Two-Head Dragon Realization

  8. The Main Idea: Two-Head Dragon Protocol Some magic .. P . Kubiak We ask a dragon to execute all cryptographic Introduction operations on the smart-card. Two-Head Dragon Signatures An Exemplary Realization

  9. The Main Idea: Two-Head Dragon Protocol Some magic .. P . Kubiak We ask a dragon to execute all cryptographic Introduction operations on the smart-card. Two-Head Dragon Apart from creating signatures, a dragon is guarding Signatures fair use of signature keys. An Exemplary Realization

  10. The Main Idea: Two-Head Dragon Protocol Some magic .. P . Kubiak We ask a dragon to execute all cryptographic Introduction operations on the smart-card. Two-Head Dragon Apart from creating signatures, a dragon is guarding Signatures fair use of signature keys. An Exemplary Realization A dragon has two heads.

  11. The Main Idea: Two-Head Dragon Protocol Some magic .. P . Kubiak We ask a dragon to execute all cryptographic Introduction operations on the smart-card. Two-Head Dragon Apart from creating signatures, a dragon is guarding Signatures fair use of signature keys. An Exemplary Realization A dragon has two heads. Each time when we ask for a signature, one of the heads responds.

  12. The Main Idea: Two-Head Dragon Protocol Some magic .. P . Kubiak We ask a dragon to execute all cryptographic Introduction operations on the smart-card. Two-Head Dragon Apart from creating signatures, a dragon is guarding Signatures fair use of signature keys. An Exemplary Realization A dragon has two heads. Each time when we ask for a signature, one of the heads responds. The answer is not only a signature, but also a half of some incantation related to the signature.

  13. The Main Idea: Two-Head Dragon Protocol Some magic .. P . Kubiak We ask a dragon to execute all cryptographic Introduction operations on the smart-card. Two-Head Dragon Apart from creating signatures, a dragon is guarding Signatures fair use of signature keys. An Exemplary Realization A dragon has two heads. Each time when we ask for a signature, one of the heads responds. The answer is not only a signature, but also a half of some incantation related to the signature. A half of an incantation has no magical effect.

  14. The Main Idea: Two-Head Dragon Protocol .. Some magic P . Kubiak The situation changes if two dragons get the same Introduction cryptographic keys. Two-Head Dragon Signatures An Exemplary Realization

  15. The Main Idea: Two-Head Dragon Protocol .. Some magic P . Kubiak The situation changes if two dragons get the same Introduction cryptographic keys. Two-Head Dragon In fact, as long as only one dragon is asked, nothing Signatures happens. An Exemplary Realization

  16. The Main Idea: Two-Head Dragon Protocol .. Some magic P . Kubiak The situation changes if two dragons get the same Introduction cryptographic keys. Two-Head Dragon In fact, as long as only one dragon is asked, nothing Signatures happens. An Exemplary Realization If two dragons are asked the same question, then it might happen that one dragon says the left side of the incantation and the another dragon says the right side of the incantation.

  17. The Main Idea: Two-Head Dragon Protocol .. Some magic P . Kubiak The situation changes if two dragons get the same Introduction cryptographic keys. Two-Head Dragon In fact, as long as only one dragon is asked, nothing Signatures happens. An Exemplary Realization If two dragons are asked the same question, then it might happen that one dragon says the left side of the incantation and the another dragon says the right side of the incantation. If both parts of the incantation are said the magic starts to work: all signatures created with these keys get burned.

  18. Two-Head Dragon Protocol P . Kubiak Introduction Example Realization Two-Head Dragon Signatures An Exemplary Realization not in the pre-proceedings

  19. System components Two-Head Dragon Protocol P . Kubiak Probabilistic signature scheme C Prob (for signing Introduction messages). Two-Head Dragon Signatures Rabin-Williams signatures RW (for incantations). An Exemplary Incantations are square roots: two square roots from Realization the same value having different Jacobi symbol reveal the private key, i.e. factorization of the modulus. A one-way counter (for asking questions to the dragon). The counter might be implemented as a hash-chain.

  20. Setup phase Two-Head Dragon Protocol P . Kubiak During deployment, apart from generating the public and Introduction Two-Head private keys for the two signature schemes and generating Dragon Signatures a hash chain, the ID-card is bounded to make the following An Exemplary dependence: Realization If the secret key of RW-signature scheme is revealed, then the secret key of the probabilistic scheme becomes publicly known as well.

  21. Signature generation .. Two-Head Dragon Creating a signature for a message M .. Protocol P . Kubiak 1 In order to sign a message M the card receives a next portion of consecutive counter values (say 100 values) Introduction Two-Head t 1 , . . . , t 100 . (We have t i − 1 = h ( t i ) , and the card checks Dragon Signatures correctness of values t i ). An Exemplary Realization

  22. Signature generation .. Two-Head Dragon Creating a signature for a message M .. Protocol P . Kubiak 1 In order to sign a message M the card receives a next portion of consecutive counter values (say 100 values) Introduction Two-Head t 1 , . . . , t 100 . (We have t i − 1 = h ( t i ) , and the card checks Dragon Signatures correctness of values t i ). An Exemplary 2 Hash value H ( M ) of M is calculated, let b 1 , . . . , b 100 be Realization the last 100 bits of the hash.

  23. Signature generation .. Two-Head Dragon Creating a signature for a message M .. Protocol P . Kubiak 1 In order to sign a message M the card receives a next portion of consecutive counter values (say 100 values) Introduction Two-Head t 1 , . . . , t 100 . (We have t i − 1 = h ( t i ) , and the card checks Dragon Signatures correctness of values t i ). An Exemplary 2 Hash value H ( M ) of M is calculated, let b 1 , . . . , b 100 be Realization the last 100 bits of the hash. 3 For each value t 1 , . . . , t 100 its square root s i , i.e. its RW signature, is calculated by the ID-card. Required value of Jacobi symbol of the square root s i is indicated by b i (i.e. for each t i half of incantation is indicated by the message M ). (This step is costly).

  24. .. Signature generation Two-Head Dragon Protocol P . Kubiak Introduction .. creating a signature for a message M Two-Head Dragon Signatures 4 Concatenation of H ( M ) , value t 100 , and sequence An Exemplary S = s 1 , . . . , s 100 is signed with the probabilistic scheme Realization C Prob . The signature is: C Prob ( H ( M ) || t 100 || S ) , t 100 , S

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Generalized Multi- Protocol Label Switching The DRAGON implementation at SARA J u l y 5 t h 2

Generalized Multi- Protocol Label Switching The DRAGON implementation at SARA J u l y 5 t h 2

Generalized Multi- Protocol Label Switching The DRAGON implementation at SARA J u l y 5 t h 2 0 0 6 M a r k M e i j e r i n k R o b P r i c k a e r t s Outline Hybrid networks and SARA GMPLS in a nutshell The DRAGON Project GMPLS @

844 views • 39 slides
THE DRAGON & TIGER COMPANY About HISTORY Established in 2015 , THE DRAGON and TIGER

THE DRAGON & TIGER COMPANY About HISTORY Established in 2015 , THE DRAGON and TIGER

THE DRAGON & TIGER COMPANY About HISTORY Established in 2015 , THE DRAGON and TIGER COMPANY, Began his its journey on Hong-Kong's markets, before extending to Europe and beyond. OUR GROWTH THE DRAGON and TIGER COMPANY, with the

157 views • 11 slides
DRAGON ENGINEERING E nergy E xcellence E xperience DRAGON ENGINEERING E NVIRONMENTAL SERVICES

DRAGON ENGINEERING E nergy E xcellence E xperience DRAGON ENGINEERING E NVIRONMENTAL SERVICES

DRAGON ENGINEERING E nergy E xcellence E xperience DRAGON ENGINEERING E NVIRONMENTAL SERVICES BWMS (B ALLAST W ATER M ANAGEMENT ) EGCS (E XHAUST G AS C LEANING S YSTEMS ), S CRUBBER , S CR U NITS 3D S CANNING , B ASIC - DETAIL D ESIGN & I

96 views • 6 slides
YELLOW DRAGON FRUIT / PITAHAYA / PITAYA Pitahaya (Origin): The cultivation of dragon fruit,

YELLOW DRAGON FRUIT / PITAHAYA / PITAYA Pitahaya (Origin): The cultivation of dragon fruit,

YELLOW DRAGON FRUIT / PITAHAYA / PITAYA Pitahaya (Origin): The cultivation of dragon fruit, develops an endemic variety typical of the Amazon of Ecuador, obtaining the first seeds in Palora city in 1989. For its unique characteristics in physical

292 views • 4 slides
What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is i

What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is i

What is i i KP KP? ? i KP i KP: : i i - -Key Key- -Protocol Protocol What is i -Key-Protocol, i = 1, 2, 3, Family of protocols Secure electronic payment Based on credit card payments Christopher Hsu Can be extended

407 views • 4 slides
PITAYA & PITAHAYA ( DRAGON FRUIT ) THE LEGEND OF THE DRAGON FRUIT (The sensation surrounding

PITAYA & PITAHAYA ( DRAGON FRUIT ) THE LEGEND OF THE DRAGON FRUIT (The sensation surrounding

PITAYA & PITAHAYA ( DRAGON FRUIT ) THE LEGEND OF THE DRAGON FRUIT (The sensation surrounding this fabulous fruit can be attributed to a legend created by ingenious Asian marketers.) According to the legend The fruit was created thousands

486 views • 29 slides
Celebrating 90 years of the Dragon Cannes 20 29 September 2019 A party regatta To mark the 90

Celebrating 90 years of the Dragon Cannes 20 29 September 2019 A party regatta To mark the 90

Celebrating 90 years of the Dragon Cannes 20 29 September 2019 A party regatta To mark the 90 th Anniversary of the International Dragon Class, the Yacht Club de Cannes, in association with the International Dragon Association, invites

349 views • 6 slides
Ontario CT/mCTA Protocol 5 series of images, in the following order: 1. Non-contrast CT Head

Ontario CT/mCTA Protocol 5 series of images, in the following order: 1. Non-contrast CT Head

1 Ontario CT/mCTA Protocol 5 series of images, in the following order: 1. Non-contrast CT Head (axial) 2. CTA neck and head 1.25 2 mm (axial) 3. 5 mm MIP Axial CTA head (2 nd phase of multiphase) 4. 5 mm MIP Axial CTA head (3 rd phase of

227 views • 20 slides
Safety Management Closure Protocol Simon Amor Head of Planning and Development Contents

Safety Management Closure Protocol Simon Amor Head of Planning and Development Contents

A14 Orwell Bridge Safety Management Closure Protocol Simon Amor Head of Planning and Development Contents Overview of Orwell Bridge Health and Safety High Winds Protocol Communications Aerodynamics Study Key Findings

435 views • 24 slides
The Life of An Opiate Addict Documentary FBI & DEA Chasing the Dragon Discussion Guide

The Life of An Opiate Addict Documentary FBI & DEA Chasing the Dragon Discussion Guide

Chasing the Dragon: The Life of An Opiate Addict Documentary FBI & DEA Chasing the Dragon Discussion Guide Documentary is appropriate for high school students, young adults, parents, and community members Central Themes:

618 views • 7 slides
Version 1.2 of Feb. 3. 2019 f1 Purpose The ultimate purpose of the Dragon values system is to

Version 1.2 of Feb. 3. 2019 f1 Purpose The ultimate purpose of the Dragon values system is to

The DRAGON is the most ancestral and universal of myths. It is commonly associated with the idea of strength, power and wisdom. A fierce and implacable guardian of treasures and riches of every kind. Easy to imagine and to remember. It evokes fire

321 views • 12 slides
Leicester City Council Early Help and Prevention Protocol Jackie Difolco: Head of Service (0

Leicester City Council Early Help and Prevention Protocol Jackie Difolco: Head of Service (0

Leicester City Council Early Help and Prevention Protocol Jackie Difolco: Head of Service (0 19 Targeted Services) March 2015 Aims EHA criteria, Pathway and Support for professionals Performance What does good look like and how

183 views • 17 slides
Taming Your Dragon: From No QA to Fully Integrated QA

Taming Your Dragon: From No QA to Fully Integrated QA

W7 Test Transformation Wednesday, October 23rd, 2019 11:30 AM Taming Your Dragon: From No QA to Fully Integrated QA Presented

880 views • 51 slides
EXPLORING INSTITUTIONAL INVESTMENT OPPORTUNITIES IN VIETNAM Dr. Tuan Le Anh Deputy CIO, Head of

EXPLORING INSTITUTIONAL INVESTMENT OPPORTUNITIES IN VIETNAM Dr. Tuan Le Anh Deputy CIO, Head of

EXPLORING INSTITUTIONAL INVESTMENT OPPORTUNITIES IN VIETNAM Dr. Tuan Le Anh Deputy CIO, Head of Research, Portfolio Manager Dragon Capital MACRO AND MARKET PERSPECTIVE 2 Vietnam: COVID-19 Containment PEAK CASE PREDICTION FIRST WAVE:

494 views • 25 slides
West Area Planning Committee Presentation 17/02419/FUL Dragon School 29 Bardwell Road Oxford

West Area Planning Committee Presentation 17/02419/FUL Dragon School 29 Bardwell Road Oxford

West Area Planning Committee Presentation 17/02419/FUL Dragon School 29 Bardwell Road Oxford OX2 6SS Agenda Item 6 Site location plan 30 Existing music buildings 31 Views from Dragon Lane 32 Park Town 33 Views from Norham Road 34

594 views • 20 slides
Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN

Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN

Attacks on TCP 1 Outline What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack 2 TCP Protocol Transmission Control Protocol (TCP) is a core protocol

598 views • 47 slides
Embracing Diversity Symposium Children books project Presentation of Dragon Lake- Estelle

Embracing Diversity Symposium Children books project Presentation of Dragon Lake- Estelle

Embracing Diversity Symposium Children books project Presentation of Dragon Lake- Estelle Cohenny First Id like to thank MMN for the opportunity to work on this project. I would also like to thank Dara Academy and Bong Noi Primary School for

262 views • 3 slides
Metals Analytical Work Group Update Date: 7/22/2020 Metals AWG met twice: July 7 th from 1-4pm

Metals Analytical Work Group Update Date: 7/22/2020 Metals AWG met twice: July 7 th from 1-4pm

Cannabis Science Task Force: Metals Analytical Work Group Update Date: 7/22/2020 Metals AWG met twice: July 7 th from 1-4pm July 22 nd from 1-4pm JULY 7 TH : 1 ST METALS AWG MEETING Roll Call: = Present CSTF (Cannabis Science Task

277 views • 5 slides
Dragons Apprentice Challenge BRINGING EDUCATION, BUSINESS AND NOT FOR PROFIT TOGETHER TO

Dragons Apprentice Challenge BRINGING EDUCATION, BUSINESS AND NOT FOR PROFIT TOGETHER TO

Dragons Apprentice Challenge BRINGING EDUCATION, BUSINESS AND NOT FOR PROFIT TOGETHER TO DEVELOP YOUNG MINDS The story so far... The Dragons Apprentice Challenge predominantly aimed at 16 & 17 year olds has been in operation for 7

322 views • 9 slides
J. R. R. Tolkien Historical Timeline New England Telephone and Telegraph installs the first

J. R. R. Tolkien Historical Timeline New England Telephone and Telegraph installs the first

J. R. R. Tolkien Historical Timeline New England Telephone and Telegraph installs the first Ford model T was send to battery-operated telephone market and was the largest Great depression starts switchboard, in Lexington, produced vehicle

323 views • 6 slides
Delivering S Sustainable V alue Inv nvestor or P Pres esentat ation Septem ember er 2

Delivering S Sustainable V alue Inv nvestor or P Pres esentat ation Septem ember er 2

Delivering S Sustainable V alue Inv nvestor or P Pres esentat ation Septem ember er 2 2012 Certain of the statements made in this Presentation may contain forward-looking statements within the meaning of the United States Private

896 views • 45 slides
Northern Star Resources An Australian gold miner for global investors September 2015

Northern Star Resources An Australian gold miner for global investors September 2015

Northern Star Resources An Australian gold miner for global investors September 2015 Disclaimer Competent Persons Statements The information in this announcement that relates to exploration results, data quality, geological interpretations

633 views • 25 slides
Ellen Vanlint The Idea Gap identified through lack of regular opportunities within Adult Day

Ellen Vanlint The Idea Gap identified through lack of regular opportunities within Adult Day

Ellen Vanlint The Idea Gap identified through lack of regular opportunities within Adult Day Service providers Use learnings from Mobile Me Pilot delivered with Autism Anglia - 6 weeks activity onsite Evidenced learning outcomes from the

323 views • 28 slides
Colt International Ltd Design considerations when integrating smoke and fire curtains into a

Colt International Ltd Design considerations when integrating smoke and fire curtains into a

Colt International Ltd Design considerations when integrating smoke and fire curtains into a building CPD Technical Seminar 2018 People feel better in Colt conditions | www.coltinfo.co.uk People feel better in Colt conditions

603 views • 36 slides

More recommend