![]() |
![]() |
University of Birmingham > Talks@bham > Computer Security Seminars > How to detect unauthorised usage of a key
How to detect unauthorised usage of a keyAdd to your list(s) Download to your calendar using vCal
If you have a question about this talk, please contact Gurchetan Grewal. Encryption is useful only if the decryption key has not been exposed to adversaries; in particular, it requires that the device performing the crypto operations is free of malware. We explore ways in which some security guarantees can be obtained even if an attacker has succeeded in obtaining all the keys in a device, e.g. by exploiting software vulnerabilities. The guarantees we obtain are rather weak, but may still offer useful and practical assurances in some circumstances. We focus on detecting attacks, using methods based on certificate transparency and public append-only logs. We obtain some security by assuming that devices are periodically trustworthy: a device may become vulnerable or infected at any time, but at some later time it will be again made secure through software updates and malware scans. We propose a messaging protocol that exploits this idea to give users meaningful guarantees about the security of messages they receive. We prove the main properties of our protocol using the Tamarin prover. This talk is part of the Computer Security Seminars series. This talk is included in these lists:
Note that ex-directory lists are not shown. |
Other listsAnalysis Reading Seminar MaterialWell Physics and Astronomy ColloquiaOther talksTowards the next generation of hazardous weather prediction: observation uncertainty and data assimilation TBA Quantifying the economic and environmental effects of the RCEP TBA Parameter estimation for macroscopic pedestrian dynamics models using trajectory data TBA |