On the difficulty of protecting private keys in software

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

This paper makes simple observation on security of the networked cryptographic device resilient to capture that was developed to protect user’s private keys by software-only techniques. That scheme provided valuable features for secure generation of digital signatures or decryption of messages in a way of retaining a password-protected private key in a user-controlled device. The key idea was to exploit network connectivity rather than tamper-resistance of the device for securing the private key in software. However, we have found a few weak points that are not negligible in some sense. It was difficult to protect the private key in software even with provable security. So, we will describe such difficulties and provide possible solutions in this paper. Also the networked cryptographic devices will be augmented in that fashion.

Original languageEnglish
Title of host publicationInformation Security - 5th International Conference, ISC 2002, Proceedings
EditorsAgnes Hui Chan, Virgil Gligor
PublisherSpringer Verlag
Pages17-31
Number of pages15
ISBN (Print)3540442707, 9783540442707
DOIs
Publication statusPublished - 2002
Event5th International Conference on Information Security, ISC 2002 - Sao Paulo, Brazil
Duration: 2002 Sep 302002 Oct 2

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2433
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other5th International Conference on Information Security, ISC 2002
CountryBrazil
CitySao Paulo
Period02/9/3002/10/2

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'On the difficulty of protecting private keys in software'. Together they form a unique fingerprint.

Cite this