How to keep a secret: leakage deterring public-key cryptosystems

Aggelos Kiayias, Qiang Tang

Research output: Chapter in Book/Report/Conference proceedingConference contribution


How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address since in this setting the owner of the key is the adversary: she wishes to share a program or device that (potentially only partly) implements her main cryptographic functionality. Given that she possesses the cryptographic key, it is impossible for her to be prevented from writing code or building a device that uses that key. She may though be deterred from doing so. We introduce leakage-deterring public-key cryptosystems to address this problem. Such primitives have the feature of enabling the embedding of owner-specific private data into the owner's public-key so that given access to any (even partially functional) implementation of the primitive, the recovery of the data can be facilitated. We formalize the notion of leakage-deterring in the context of encryption, signature, and identification and we provide efficient generic constructions that facilitate the recoverability of the hidden data while retaining privacy as long as no sharing takes place.
Original languageEnglish
Title of host publication2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013
Number of pages12
ISBN (Print)978-1-4503-2477-9
Publication statusPublished - 2013


Dive into the research topics of 'How to keep a secret: leakage deterring public-key cryptosystems'. Together they form a unique fingerprint.

Cite this