Incremental cryptography and application to virus protection

The goal of incremental cryptography is to design cryptographic algorithms with the property that having applied the algorithm to a document, it is possible to quickly update the result of the algorithm for a modified document, rather than having to re-compute it from scratch. In settings where cryptographic algorithms such as encryption or signatures are frequently applied to changing documents, dramatic efficiency improvements can be achieved. One such setting is the use of authentication tags for virus protection. We consider documents that can be modified by powerful (and realistic) document modification operations such as insertion and deletion of character-strings (or equivalently cut and paste of text). We provide efficient incremental signature and message authentication schemes supporting the above document modification operations. They meet a strong notion of tamper-proof security which is appropriate for the virus protection setting. We initiate a study of incremental encryption, providing definitions as well as solutions. Finally, we raise the novel issue of "privacy" of incremental authentication schemes.
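
An added illustration of the update-versus-recompute property described in the abstract; it is not the paper's scheme or code. It uses a keyed hash tree (HMAC-SHA256 is an assumption here) and supports only single-block replacement, not the insertion and deletion operations the paper handles. It also assumes the stored tree nodes are kept where an adversary cannot alter them; all names (`IncrementalTag`, `keyed_hash`, `verify`) are hypothetical.

```python
import hashlib
import hmac

def keyed_hash(key, label, data):
    # Domain-separate leaves (b"L"), inner nodes (b"N") and the root (b"R").
    return hmac.new(key, label + data, hashlib.sha256).digest()

class IncrementalTag:
    """Keyed hash tree over document blocks (hypothetical illustration)."""

    def __init__(self, key, blocks):
        self.key, self.count = key, len(blocks)
        self.size = 1
        while self.size < self.count:
            self.size *= 2
        # Heap layout: node i has children 2i and 2i+1; leaves start at self.size.
        self.nodes = [b""] * (2 * self.size)
        for i in range(self.size):
            block = blocks[i] if i < self.count else b""  # padding leaf
            self.nodes[self.size + i] = keyed_hash(key, b"L", block)
        for i in range(self.size - 1, 0, -1):
            self.nodes[i] = self._inner(i)
        self.hash_calls = 0  # counts work done by incremental updates only

    def _inner(self, i):
        return keyed_hash(self.key, b"N", self.nodes[2 * i] + self.nodes[2 * i + 1])

    def tag(self):
        # Binding the block count keeps padding leaves from being ambiguous.
        return keyed_hash(self.key, b"R", self.count.to_bytes(8, "big") + self.nodes[1])

    def replace(self, index, new_block):
        """Update the tag after one block changes: O(log n) hashes, not O(n)."""
        if not 0 <= index < self.count:
            raise IndexError("block index out of range")
        i = self.size + index
        self.nodes[i] = keyed_hash(self.key, b"L", new_block)
        self.hash_calls += 1
        while i > 1:
            i //= 2
            self.nodes[i] = self._inner(i)
            self.hash_calls += 1

def verify(key, blocks, tag):
    # Recompute from scratch and compare in constant time.
    return hmac.compare_digest(IncrementalTag(key, blocks).tag(), tag)

# Constructed sample: a 1024-block "document" used to exercise the update path.
KEY = b"constructed-demo-key"
DOC = [b"block-%d" % i for i in range(1024)]
```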
