Title :
Encrypting Keys Securely
Author :
Cachin, Christian ; Camenisch, Jan
Author_Institution :
IBM Res. - Zurich, Switzerland
Abstract :
Encryption keys are sometimes encrypted themselves; doing that properly requires special care. Although it might look like an oversight at first, the broadly accepted formal security definitions for cryptosystems don´t allow encryption of key-dependent messages. Furthermore, key-management systems frequently use key encryption or wrapping, which might create dependencies among keys that lead to problems with simple access-control checks. Security professionals should be aware of this risk and take appropriate measures. Novel cryptosystems offer protection for key-dependent messages and should be considered for practical use. Through enhanced access control in key-management systems, you can prevent security-interface attacks.
Keywords :
authorisation; cryptography; message authentication; access control checks; cryptosystem; encryption keys; key management systems; key-dependent messages; security-interface attack preventation; Access control; Cryptography; Encryption; Protection; Security; Semantics; Wrapping; CCA2 security; access control; cryptography; key encryption; key management; security and privacy; semantic security;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2010.124
