Mitigating private key compromise

نویسنده

  • Jiangshan Yu
چکیده

Cryptosystems rely on the assumption that the computer end-points can securely store and use cryptographic keys. Yet, this assumption is rather hard to justify in practice. New software vulnerabilities are discovered every day, and malware is pervasive on mobile devices and desktop PCs. This thesis provides research on how to mitigate private key compromise in three different cases. The first case considers compromised signing keys of certificate authorities in public key infrastructure. To address this problem, we analyse and evaluate existing prominent certificate management systems, and propose a new system called Distributed and Transparent Key Infrastructure, which is secure even if all service providers collude together. The second case considers the key compromise in secure communication. We develop a simple approach that either guarantees the confidentiality of messages sent to a device even if the device was previously compromised, or allows the user to detect that confidentiality failed. We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys. The third case considers the key compromise in secret distribution. We develop a self-healing system, which provides a proactive security guarantee: an attacker can learn a secret only if s/he can compromise all servers simultaneously in a short period.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Addressing the Problem of Undetected Signature Key Compromise

Suppose that messages have been signed using a user's signature private key during the period of time after a key compromise but before the compromise is detected. This is a period of undetected key compromise. Various techniques for detecting a compromise and preventing forged signature acceptance are presented. Attack protection is achieved by requiring a second level of authentication for th...

متن کامل

The Private Sector in the REDD+ Supply Chain: Trends, challenges and opportunities (Key Messages)

A key determinant of REDD+1 success will be ensuring effective private sector engagement. Funding is a major concern in the implementation of REDD+ activities and involving the private sector will be absolutely critical to scale up investment in REDD+. The private sector can also make vital contributions to REDD+ initiatives through the range of its expertise and be part of the solution to miti...

متن کامل

A Closer Look at Revocation and Key Compromise in Public Key Infrastructures

Over time, in order to improve functionality or efficiency, new features have been added to the basic framework of public key infrastructures (PKIs). While these new features are useful, as with any other security critical application, new features can open the door for new types of attacks. In this paper, we will concentrate on those attacks against a PKI which allow an attacker to take advant...

متن کامل

Identity Based Authenticated Key Agreement Protocols from Pairings

We investigate a number of issues related to identity based authenticated key agreement protocols in the Diffie-Hellman family enabled by the Weil or Tate pairings. These issues include how to make protocols efficient; to avoid key escrow by a Trust Authority (TA) who issues identity based private keys for users, and to allow users to use different TAs. We describe a few authenticated key agree...

متن کامل

On the Resilience of Key Agreement Protocols to Key Compromise Impersonation

Key agreement protocols are a fundamental building block for ensuring authenticated and private communications between two parties over an insecure network. This paper focuses on key agreement protocols in the asymmetric authentication model, wherein parties hold a public/private key pair. In particular, we consider a type of known key attack called key compromise impersonation that may occur o...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2016