Tandem: Securing Keys by Using a Central Server While Preserving Privacy

09/10/2018
by   Wouter Lueks, et al.
0

Users' devices, e.g., smartphones or laptops, are typically incapable of securely storing and processing cryptographic keys. We present Tandem, a novel set of protocols for securing cryptographic keys with support from a central server. Tandem uses one-time-use key-share tokens to, unlike traditional threshold-cryptographic solutions, preserve users' privacy with respect to a malicious central server. Additionally, Tandem enables users to block their keys if they lose their shares, and it enables the server to limit how often an adversary can use an unblocked key. We prove Tandem's security and privacy properties, and we empirically show that it causes little overhead using a proof of concept implementation. To illustrate Tandem's advantages we use it to secure attribute-based credentials keys using a central server without hurting the privacy properties provided by the credential system.

READ FULL TEXT
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

04/23/2018

Keys in the Clouds: Auditable Multi-device Access to Cryptographic Credentials

Personal cryptographic keys are the foundation of many secure services, ...
08/29/2017

Cryptographically Secure Information Flow Control on Key-Value Stores

We present Clio, an information flow control (IFC) system that transpare...
08/04/2020

DESIRE: A Third Way for a European Exposure Notification System Leveraging the best of centralized and decentralized systems

This document presents an evolution of the ROBERT protocol that decentra...
06/13/2019

Arcula: A Secure Hierarchical Deterministic Wallet for Multi-asset Blockchains

This work presents Arcula, a new design for hierarchical deterministic w...
11/20/2019

Express: Lowering the Cost of Metadata-hiding Communication with Cryptographic Privacy

Existing systems for metadata-hiding messaging that provide cryptographi...
01/06/2021

HERMES: Scalable, Secure, and Privacy-Enhancing Vehicle Access System

We propose HERMES, a scalable, secure, and privacy-enhancing system, whi...
06/19/2018

Formal verification of the YubiKey and YubiHSM APIs in Maude-NPA

In this paper, we perform an automated analysis of two devices developed...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.