Key usage detection

Add to your list(s) Download to your calendar using vCal

• Jiangshan Yu (University of Birmingham)
• Thursday 09 October 2014, 11:00-12:00
• Room 245, School of Computer Science.

If you have a question about this talk, please contact Matthijs Melissen.

The problem we aim to solve is that in a communication between two parties secured by using symmetric or asymmetric encryption, if the long term decryption key is compromised, then the security is broken and there is no way to detect the fact of a compromised decryption key.

We consider a scenario where an adversary who can get all (long-term and short-term) secrets of victims, but only for a limited period. (e.g. attackers launch attacks through some system bugs like heartbleed or Shellshock, but the system will be patched soon after the vulnerability is discovered). So, the attacker may get control of the victim’s device repeatedly, but not continuously.

We propose a mechanism to convert communication systems that uses long-term symmetric or asymmetric keys for encryption to a system that can detect unauthorised usage of long-term secret keys, thus provides a better security guarantee. In other words, our proposal makes an attacker with log-term secrets unable to launch attacks to recover the plaintext of previously or future exchanged messages without being detected.

This talk is part of the Computer Security Seminars series.

This talk is included in these lists:

• Computer Science Departmental Series
• Computer Science Distinguished Seminars
• Computer Security Seminars
• Room 245, School of Computer Science
• computer sience

Note that ex-directory lists are not shown.