Sciweavers

ACSAC
2010
IEEE

Keeping data secret under full compromise using porter devices

13 years 9 months ago
Keeping data secret under full compromise using porter devices
We address the problem of confidentiality in scenarios where the attacker is not only able to observe the communication between principals, but can also fully compromise the communicating parties (their devices, not only their long term secrets) after the confidential data has been exchanged. We formalize this problem and explore solutions that provide confidentiality after the full compromise of devices and user passwords. We propose two new solutions that use explicit key deletion and forward-secret protocols combined with key storage on porter devices. Our solutions provide the users with control over their privacy. We analyze the proposed solutions using an automatic verification tool. We also implement a prototype using a mobile phone as a porter device to illustrate how the solution can be realized on modern platforms. Categories and Subject Descriptors C.2 [Computer Systems Organization]: Computer-Communication Networks; K.6.5 [Management of Computing and Information Systems]: ...
Christina Pöpper, David A. Basin, Srdjan Capk
Added 10 Feb 2011
Updated 10 Feb 2011
Type Journal
Year 2010
Where ACSAC
Authors Christina Pöpper, David A. Basin, Srdjan Capkun, Cas J. F. Cremers
Comments (0)