7.16 What are proactive security techniques?
Proactive security combines the ideas of distributed cryptography (also called secret sharing) (see Question 2.1.9). with the refreshment of secrets. The term proactive refers to the fact that it's not necessary for a breach of security to occur before secrets are refreshed, the refreshment is done periodically (and hence, proactively).Key refreshment is an important addition to distributed cryptography because without it, an adversary who is able to recover all the distributed secrets given enough time will eventually be successful in breaking the system. For example, consider the following proactive version of Shamir's secret sharing scheme (see Question 3.6.12):
f0(x) = a0 +a1 x+ ¼+ am-1 xm-1
over GF(q) is constructed, and the secret is a0. From the beginning, each user has a point (xi, f0(xi)) with xi ¹ 0. For the first key refreshment, a new polynomial f1 is constructed from f0. More generally, for the kth key refreshment, a polynomial fk+1 is constructed from fk. The polynomial fk+1 is equal to fk + gk, where gk is a random (m-1)-degree polynomial with gk(0) = 0. After each key refreshment the secret is unchanged, but user i's new secret share is (xi, fk+1(xi)) = (xi, fk(xi) + gk(xi)). An adversary who knows less than m current secret shares at any particular time knows nothing about the secret.
- 7.1 What is probabilistic encryption?
- Contribution Agreements: Draft 1
- Contribution Agreements: Draft 2
- 7.2 What are special signature schemes?
- 7.3 What is a blind signature scheme?
- Contribution Agreements: Draft 3
- Contribution Agreements: Final
- 7.4 What is a designated confirmer signature?
- 7.5 What is a fail-stop signature scheme?
- 7.6 What is a group signature?
- 7.7 What is a one-time signature scheme?
- 7.8 What is an undeniable signature scheme?
- 7.9 What are on-line/off-line signatures?
- 7.10 What is OAEP?
- 7.11 What is digital timestamping?
- 7.12 What is key recovery?
- 7.13 What are LEAFs?
- 7.14 What is PSS/PSS-R?
- 7.15 What are covert channels?
- 7.16 What are proactive security techniques?
- 7.17 What is quantum computing?
- 7.18 What is quantum cryptography?
- 7.19 What is DNA computing?
- 7.20 What are biometric techniques?
- 7.21 What is tamper-resistant hardware?
- 7.22 How are hardware devices made tamper-resistant?