Title :
Networked cryptographic devices resilient to capture
Author :
Mackenzie, Philip ; Reiter, Michael K.
Author_Institution :
Bell Labs., Lucent Technol., Murray Hill, NJ, USA
Abstract :
We present a simple technique by which a device that performs private key operations (signatures or decryptions) in networked applications, and whose local private key is activated with a password or PIN, can be immunized to offline dictionary attacks in case the device is captured. Our techniques do not assume tamper resistance of the device, but rather exploit the networked nature of the device, in that the device´s private key operations are performed using a simple interaction with a remote server. This server however, is untrusted-its compromise does not reduce the security of the device´s private key unless the device is also captured and need not have a prior relationship with the device. We further extend this approach with support for key disabling, by which the rightful owner of a stolen device can disable the device´s private key even if the attacker already knows the user´s password
Keywords :
authorisation; cryptography; distributed processing; cryptography; data security; decryptions; key disabling; networked applications; networked cryptographic devices; offline dictionary attacks; password; private key operations; remote server; signatures; tamper resistance; Authentication; Computer crime; Dictionaries; Network servers; Protection; Protocols; Public key; Public key cryptography;
Conference_Titel :
Security and Privacy, 2001. S&P 2001. Proceedings. 2001 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-7695-1046-9
DOI :
10.1109/SECPRI.2001.924284
