MIT Talk on randomness/key management
[I have no more information than is contained in the announcement --AW]
> Friday, April 15, 1994
> Refreshments at 1:45pm, Talk at 2:00pm in NE43-518
>
>``Regaining Pseudorandomness by Cooperation with Applications to Key
> Management''
> by Amir Herzberg, IBM Watson
>
> ABSTRACT
>
>Consider a multiparty system where parties may be occasionally
>``infected'' by malicious agents, called viruses. The viruses
>are controlled by an adversary. Once a party is infected the entire
>contents of its memory are revealed and possibly modified. After some
>time the virus is expelled and the party wishes to regain its
>security. Since the leaving virus knows the entire contents of the
>infected party's memory, a source of ``fresh'' randomness,
>unpredictable by the adversary, seems essential for full recovery
>(e.g., for selecting new keys). However, such an ``on-line'' source
>of randomness may not always be readily available, or beneficial to use.
>
>We describe a scheme in which the parties, being given access to
>randomness only at the onset of the computation, jointly generate a
>sequence of numbers that are pseudorandom from the point of view of
>the adversary (a different generated number for the use of each party
>at each round). Thus, these pseudorandom numbers can be used just as
>``fresh'' randomness in the design of protocols (e.g., for regaining
>security). These properties of our scheme hold as long as in each
>round there is at least one non-infected party.
>
>We describe an important application of our scheme to
>practical key-management systems, such as Kerberos and NetSP.
>
>Joint with Ran Canetti, Weizmann Institute
>
>Host: Nancy Lynch
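The abstract above describes the properties of the scheme (parties seeded only at the onset, one pseudorandom number per party per round, security as long as one party per round is uninfected) but not its construction. What follows is an added simulation that I wrote for this archive entry; it is not the scheme from the talk or from Canetti and Herzberg's paper, and it makes these assumptions: HMAC-SHA256 serves as the PRF, every party sends every other party a PRF-derived share each round, a party's fresh number is the XOR of the shares it receives, and a party then re-seeds itself from that fresh number. The "onset" seeds are constructed deterministically so the example runs offline (real parties would draw them from true randomness), and the adversary is modelled as reading an infected party's memory but not modifying it. The adversary tries to predict every party's fresh number before each round; a prediction succeeds only when it knows the seed of every sender, which is exactly the "all parties infected at once" case the abstract excludes.

```python
# Added illustrative simulation of regaining pseudorandomness by cooperation.
# Assumed construction (not the talk's scheme): all-to-all PRF shares, XOR per
# recipient, re-seed from the fresh value. Adversary reads infected memory only.
import hashlib
import hmac

OUT = 16  # bytes per generated number (assumed parameter)


def prf(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA256 truncated to OUT bytes, used as the PRF."""
    return hmac.new(key, msg, hashlib.sha256).digest()[:OUT]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def shares_from(seed: bytes, sender: int, rnd: int, n: int) -> dict:
    """Shares that party `sender` derives from `seed` for every party in round `rnd`."""
    return {j: prf(seed, b"share|%d|%d|%d" % (rnd, sender, j)) for j in range(n)}


def next_seed(seed: bytes, fresh: bytes, rnd: int) -> bytes:
    """Re-seed from the round's fresh value, so a leaked old seed stops being useful."""
    return prf(fresh, b"reseed|%d|" % rnd + seed)


def onset_seeds(n: int) -> list:
    """Constructed deterministic onset seeds so the example runs offline.
    Real parties would draw these from true randomness at the onset."""
    return [hashlib.sha256(b"onset-seed-%d" % i).digest()[:OUT] for i in range(n)]


class Party:
    def __init__(self, pid: int, seed: bytes):
        self.pid, self.seed = pid, seed


def run_round(parties: list, rnd: int) -> dict:
    """One round: all-to-all shares, XOR per recipient, then re-seed.
    Returns {pid: fresh number} for the round."""
    n = len(parties)
    inbox = {j: bytes(OUT) for j in range(n)}
    for p in parties:
        for j, s in shares_from(p.seed, p.pid, rnd, n).items():
            inbox[j] = xor(inbox[j], s)
    for p in parties:
        p.seed = next_seed(p.seed, inbox[p.pid], rnd)
    return inbox


class Adversary:
    """Learns the seed of every infected party and tries to predict fresh numbers."""

    def __init__(self):
        self.known = {}  # pid -> that party's seed at the start of the current round

    def predict(self, rnd: int, n: int) -> dict:
        # A recipient's XOR is computable only if every sender's seed is known;
        # a single unknown sender makes every value unpredictable.
        if len(self.known) < n:
            return {}
        out = {j: bytes(OUT) for j in range(n)}
        for k, seed in self.known.items():
            for j, s in shares_from(seed, k, rnd, n).items():
                out[j] = xor(out[j], s)
        return out

    def advance(self, rnd: int, predicted: dict, parties: list, infected: set):
        # Seeds stay known only if the adversary could also derive the fresh value
        # they were re-seeded from; infected parties' memory is re-read directly.
        new = {}
        for pid, seed in self.known.items():
            if pid in predicted:
                new[pid] = next_seed(seed, predicted[pid], rnd)
        for pid in infected:
            new[pid] = parties[pid].seed
        self.known = new


def simulate(n: int, schedule: list, seeds: list) -> tuple:
    """schedule[r] = set of parties infected during round r.
    Returns (hits, fresh): hits[r] lists the parties whose round-r number the
    adversary learned (by infection or by correct prediction); fresh[r] is the
    round's {pid: number} mapping."""
    parties = [Party(i, seeds[i]) for i in range(n)]
    adv, hits, fresh = Adversary(), [], []
    for rnd, infected in enumerate(schedule):
        for pid in infected:  # infection reveals memory before the round starts
            adv.known[pid] = parties[pid].seed
        predicted = adv.predict(rnd, n)
        values = run_round(parties, rnd)
        learned = {j for j in range(n) if predicted.get(j) == values[j]} | set(infected)
        hits.append(sorted(learned))
        fresh.append(values)
        adv.advance(rnd, predicted, parties, infected)
    return hits, fresh


if __name__ == "__main__":
    # Rolling infections with one clean party per round: each party recovers.
    print(simulate(3, [{0}, {1}, {2}, set()], onset_seeds(3))[0])
    # All parties infected in one round: the adversary predicts every later number.
    print(simulate(3, [{0, 1, 2}, set(), set()], onset_seeds(3))[0])
```

The first run prints `[[0], [1], [2], []]`: a party's number is known to the adversary only while it is infected, and in the round after expulsion the uninfected senders' shares make its number unpredictable again, after which re-seeding restores its private state. The second run prints `[[0, 1, 2], [0, 1, 2], [0, 1, 2]]`: once every seed is known in the same round, no fresh randomness ever re-enters the system, which is the condition the abstract states as necessary.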