Strong Forward Security
Abstract.
Forward security has been proposed as a method to minimize the consequences of key exposure. In this paper we analyze this method and consider a vulnerability, which is due to the fact that the exposure may not have been detected. All forward secure cryptosystems proposed so far are vulnerable during the period between key exposure and its detection. We consider the notion of strong forward security in which cryptographically processed data is protected not only for the periods prior to the key exposure but also after key exposure and present two applications with this novel property: a basic public key cryptosystem and an ElGamal-based key escrow scheme.
Keywords: Forward security, key update, intrusion detectionDownload:
(PDF file) / (PS file)
