Affiliation:
1. SPRING Lab , EPFL
2. Philips Research, all work done while a PhD student at Radboud University
3. Open University of the Netherlands, and Radboud University
4. SPRING Lab, EPFL
Abstract
Abstract
Users’ devices, e.g., smartphones or laptops, are typically incapable of securely storing and processing cryptographic keys.We present Tandem, a novel set of protocols for securing cryptographic keys with support from a central server. Tandem uses one-time-use key-share tokens to preserve users’ privacy with respect to a malicious central server. Additionally, Tandem enables users to block their keys if they lose their device, and it enables the server to limit how often an adversary can use an unblocked key. We prove Tandem’s security and privacy properties, apply Tandem to attributebased credentials, and implement a Tandem proof of concept to show that it causes little overhead.
Reference77 articles.
1. [1] Timothy G. Abbott, Katherine J. Lai, Michael R. Lieberman, and Eric C. Price. 2007. Browser-Based Attacks on Tor. In PETS 2007.
2. [2] Tolga Acar, Mira Belenkiy, and Alptekin Küpçü. 2013. Single password authentication. Computer Networks 57, 13 (2013).10.1016/j.comnet.2013.05.007
3. [3] Jesús F. Almansa, Ivan Damgård, and Jesper Buus Nielsen. 2006. Simplified Threshold-RSA with Adaptive and Proactive Security. In EUROCRYPT 2006.10.1007/11761679_35
4. [4] Gergely Alpár, Fabian van den Broek, Brinda Hampiholi, Bart Jacobs, Wouter Lueks, and Sietse Ringers. 2017. IRMA: Practical, Decentralized and Privacy-friendly Identity Management Using Smartphones. In HotPETs 2017.
5. [5] Android security website. 2017. Developing third party applications with Trusty TEE. https://source.android.com/security/trusty/#third-party_trusty_applications. (2017).