Publication


Featured research published by Matthias Geihs.


Conference on Privacy Security and Trust | 2016

A security analysis of techniques for long-term integrity protection

Matthias Geihs; Denise Demirel; Johannes A. Buchmann

The amount of security critical information that is only available in digital form is increasing constantly. Some of these data, such as medical or tax data, need to be preserved for long periods of time. Thus, several schemes for long-term integrity protection of long-lived and archived data were developed. However, a comprehensive security analysis is still missing. In this paper we discuss existing security models for long lived systems and show to what extent they allow to prove the security of those schemes. Then, we introduce a new model that overcomes the shortcomings of the state of the art and allows to formally analyze timestamp-based long-term integrity schemes. Finally, we show how the security level of the long-term integrity scheme can be determined for concrete instantiations.


Computer and Communications Security | 2017

LINCOS: A Storage System Providing Long-Term Integrity, Authenticity, and Confidentiality

Johannes Braun; Johannes A. Buchmann; Denise Demirel; Matthias Geihs; Mikio Fujiwara; Shiho Moriai; Masahide Sasaki; Atsushi Waseda

The amount of digital data that requires long-term protection of integrity, authenticity, and confidentiality grows rapidly. Examples include electronic health records, genome data, and tax data. In this paper we present the secure storage system LINCOS, which provides protection of integrity, authenticity, and confidentiality in the long-term, i.e., for an indefinite time period. It is the first such system. It uses the long-term integrity scheme COPRIS, which is also presented here and is the first such scheme that does not leak any information about the protected data. COPRIS uses information-theoretic hiding commitments for confidentiality-preserving integrity and authenticity protection. LINCOS uses proactive secret sharing for confidential storage of secret data. We also present implementations of COPRIS and LINCOS. A special feature of our LINCOS implementation is the use of quantum key distribution and one-time pad encryption for information-theoretic private channels within the proactive secret sharing protocol. The technological platform for this is the Tokyo QKD Network, which is one of the world's most advanced networks of its kind. Our experimental evaluation establishes the feasibility of LINCOS and shows that in view of the expected progress in quantum communication technology, LINCOS is a promising solution for protecting very sensitive data in the cloud.


Provable Security | 2017

Long-Term Secure Time-Stamping Using Preimage-Aware Hash Functions

Ahto Buldas; Matthias Geihs; Johannes A. Buchmann

The lifetime of commonly used digital signature schemes is limited because their security is based on computational assumptions that potentially break in the future. In 1993, Bayer et al. suggested that the lifetime of a digital signature can be prolonged by time-stamping the signature together with the signed document. Based on this idea, various long-term timestamp schemes have been proposed and standardized that repeatedly renew the protection with new timestamps. In order to minimize the risk of a design failure affecting the security of these schemes, it is indispensable to formally analyze their security. However, many of the proposed schemes have not been subject to a formal security analysis yet. In this paper, we address this issue by formally describing and analyzing a long-term timestamp scheme that uses hash trees for timestamp renewal. Our analysis shows that the security level of the described scheme degrades cubically over time, which suggests that in practice the scheme should be instantiated with a certain security margin.


Computer and Communications Security | 2017

MoPS: A Modular Protection Scheme for Long-Term Storage

Christian Weinert; Denise Demirel; Martín A. Gagliotti Vigil; Matthias Geihs; Johannes A. Buchmann

Current trends in technology, such as cloud computing, allow outsourcing the storage, backup, and archiving of data. This provides efficiency and flexibility, but also poses new risks for data security. It in particular became crucial to develop protection schemes that ensure security even in the long-term, i.e. beyond the lifetime of keys, certificates, and cryptographic primitives. However, all current solutions fail to provide optimal performance for different application scenarios. Thus, in this work, we present MoPS, a modular protection scheme to ensure authenticity and integrity for data stored over long periods of time. MoPS does not come with any requirements regarding the storage architecture and can therefore be used together with existing archiving or storage systems. It supports a set of techniques which can be plugged together, combined, and migrated in order to create customized solutions that fulfill the requirements of different application scenarios in the best possible way. As a proof of concept we implemented MoPS and provide performance measurements. Furthermore, our implementation provides additional features, such as guidance for non-expert users and export functionalities for external verifiers.


Australasian Conference on Information Security and Privacy | 2017

Long-Term Secure Commitments via Extractable-Binding Commitments

Ahto Buldas; Matthias Geihs; Johannes A. Buchmann

Cryptographic commitments are either unconditionally hiding or unconditionally binding, but cannot be both. As a consequence, the security of commonly used commitment schemes is threatened in the long-term, when adversaries become computationally much more powerful. We improve over this situation by putting forward a new notion of commitment schemes, so called long-term commitment schemes. These schemes allow for long-term protection because they allow to adjust the protection level after the initial commitment. We also present a construction of a long-term commitment scheme. Unfortunately, it seems impossible to prove the security of such a scheme using the traditional commitment binding definition. Therefore, we put forward a new notion of binding commitments, so called extractable-binding commitments, and use this notion to establish a security proof for our proposed long-term commitment scheme.


Computer Standards & Interfaces | 2015

On the Security of Long-Lived Archiving Systems Based on the Evidence Record Syntax

Matthias Geihs; Denise Demirel; Johannes A. Buchmann

The amount of security critical data that is only available in digital form is increasing constantly. The Evidence Record Syntax Specification (ERS) achieves very efficiently important security goals: integrity, authenticity, datedness, and non-repudiation. This paper supports the trustworthiness of ERS by proving ERS secure. This is done in a model presented by Canetti et al. that these authors used to establish the long-term security of the Content Integrity Service (CIS). CIS achieves the same goals as ERS but is much less efficient. We also discuss the model of Canetti et al. and propose new directions of research.


International Conference on Progress in Cryptology | 2014

Efficient Integer Encoding for Homomorphic Encryption via Ring Isomorphisms

Matthias Geihs; Daniel Cabarcas

Homomorphic encryption allows computation on encrypted data at the cost of a significant loss in efficiency. In this paper we propose a powerful integer encoding for homomorphic encryption. The proposed encoding offers more efficient and convenient homomorphic computations on integers compared to previously used methods. This is possible by making the message space of the encryption scheme isomorphic to an integer quotient ring. The encoding can be used across various lattice-based homomorphic encryption schemes such as NTRU and various ring-LWE based schemes. We analyse the efficiency of our proposed encoding, which shows a significant gain compared to a naive integer encoding for a ring-LWE based scheme.


IEEE Symposium on Security and Privacy | 2018

PQChain: Strategic Design Decisions for Distributed Ledger Technologies against Future Threats

Rachid El Bansarkhani; Matthias Geihs; Johannes A. Buchmann

Blockchain technology has arisen as a promising protocol to replace centralized and less efficient systems. In fact, for the first time, it is possible to achieve decentralized consensus without the need for trusted authorities, resulting in more efficient processes and saving both money and time.


Quantum Science and Technology | 2017

Quantum Cryptography: a view from classical cryptography

Johannes A. Buchmann; Johannes Braun; Denise Demirel; Matthias Geihs


International Workshop on Security | 2018

PROPYLA: Privacy Preserving Long-Term Secure Storage

Matthias Geihs; Nikolaos P. Karvelas; Stefan Katzenbeisser; Johannes A. Buchmann

Collaboration


Dive into Matthias Geihs's collaboration.

Top Co-Authors

Johannes A. Buchmann

Technische Universität Darmstadt

Denise Demirel

Technische Universität Darmstadt

Johannes Braun

Technische Universität Darmstadt

Ahto Buldas

Tallinn University of Technology

Atsushi Waseda

National Institute of Information and Communications Technology

Masahide Sasaki

National Institute of Information and Communications Technology

Mikio Fujiwara

National Institute of Information and Communications Technology

Christian Weinert

Technische Universität Darmstadt

Denis Butin

Technische Universität Darmstadt

G. Alber

Technische Universität Darmstadt
