Tandem: Securing Keys by Using a Central Server While Preserving Privacy

09/10/2018
by   Wouter Lueks, et al.
0

Users' devices, e.g., smartphones or laptops, are typically incapable of securely storing and processing cryptographic keys. We present Tandem, a novel set of protocols for securing cryptographic keys with support from a central server. Tandem uses one-time-use key-share tokens to, unlike traditional threshold-cryptographic solutions, preserve users' privacy with respect to a malicious central server. Additionally, Tandem enables users to block their keys if they lose their shares, and it enables the server to limit how often an adversary can use an unblocked key. We prove Tandem's security and privacy properties, and we empirically show that it causes little overhead using a proof of concept implementation. To illustrate Tandem's advantages we use it to secure attribute-based credentials keys using a central server without hurting the privacy properties provided by the credential system.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
04/23/2018

Keys in the Clouds: Auditable Multi-device Access to Cryptographic Credentials

Personal cryptographic keys are the foundation of many secure services, ...
research
08/29/2017

Cryptographically Secure Information Flow Control on Key-Value Stores

We present Clio, an information flow control (IFC) system that transpare...
research
08/04/2020

DESIRE: A Third Way for a European Exposure Notification System Leveraging the best of centralized and decentralized systems

This document presents an evolution of the ROBERT protocol that decentra...
research
06/13/2019

Arcula: A Secure Hierarchical Deterministic Wallet for Multi-asset Blockchains

This work presents Arcula, a new design for hierarchical deterministic w...
research
11/20/2019

Express: Lowering the Cost of Metadata-hiding Communication with Cryptographic Privacy

Existing systems for metadata-hiding messaging that provide cryptographi...
research
01/06/2021

HERMES: Scalable, Secure, and Privacy-Enhancing Vehicle Access System

We propose HERMES, a scalable, secure, and privacy-enhancing system, whi...
research
09/12/2022

SmartKex: Machine Learning Assisted SSH Keys Extraction From The Heap Dump

Digital forensics is the process of extracting, preserving, and document...

Please sign up or login with your details

Forgot password? Click here to reset