University of Birmingham > Talks@bham > Computer Security Seminars > Key usage detection

Key usage detection

Add to your list(s) Download to your calendar using vCal

If you have a question about this talk, please contact Matthijs Melissen.

The problem we aim to solve is that in a communication between two parties secured by using symmetric or asymmetric encryption, if the long term decryption key is compromised, then the security is broken and there is no way to detect the fact of a compromised decryption key.

We consider a scenario where an adversary who can get all (long-term and short-term) secrets of victims, but only for a limited period. (e.g. attackers launch attacks through some system bugs like heartbleed or Shellshock, but the system will be patched soon after the vulnerability is discovered). So, the attacker may get control of the victim’s device repeatedly, but not continuously.

We propose a mechanism to convert communication systems that uses long-term symmetric or asymmetric keys for encryption to a system that can detect unauthorised usage of long-term secret keys, thus provides a better security guarantee. In other words, our proposal makes an attacker with log-term secrets unable to launch attacks to recover the plaintext of previously or future exchanged messages without being detected.

This talk is part of the Computer Security Seminars series.

Tell a friend about this talk:

This talk is included in these lists:

Note that ex-directory lists are not shown.

 

Talks@bham, University of Birmingham. Contact Us | Help and Documentation | Privacy and Publicity.
talks@bham is based on talks.cam from the University of Cambridge.