International Association for Cryptologic Research
How is it possible to prevent the sharing of cryptographic functions? This question appears to be fundamentally hard to address since in this setting the owner of the key is the adversary: they wishes to share a program or device that (potentially only partly) implements the users' main cryptographic functionality. Given that they possess the cryptographic key, it is impossible for the user to be prevented from writing code or building a device that uses that key. They may though be deterred from doing so. The authors introduce leakage-deterring public-key cryptographic primitives to address this problem.