Device Attacker Models: Fact and Fiction
According to standard fiction, a user is able to securely keep long term keys on his device. However, in fact his device may become infected with malware, and an adversary may obtain a copy of his key. We propose an attacker model in which devices are “periodically trustworthy” — they may become infected by malware, and then later become trustworthy again after software patches and malware scans have been applied, in an ongoing cycle. This paper proposes a solution to make the usage of private keys by attackers detectable by using public transparently-maintained logs to monitor the usage of long-term secret keys.
KeywordsAttacker model Key compromise detection Key usage monitoring
The authors thank Ross Anderson, Daniel Thomas, and all other attendees of International Workshop on Security Protocols for their comments and discussions. Jiangshan Yu is supported by the EPSRC project EP/H005501/1.
- 1.Laurie, B., Langley, A., Kasper, E.: Certificate Transparency. RFC 6962 (Experimental) (2013)Google Scholar
- 2.Kim, T.H.J., Huang, L.S., Perrig, A., Jackson, C., Gligor, V.: Accountable key infrastructure (AKI): a proposal for a public-key validation infrastructure. In: The 22nd International World Wide Web Conference (WWW 2013) (2013)Google Scholar
- 3.Ryan, M.D.: Enhanced certificate transparency and end-to-end encrypted mail. In: Network and Distributed System Security (NDSS) (2014)Google Scholar
- 4.Yu, J., Cheval, V., Ryan, M.: DTKI: a new formalized PKI with no trusted parties. CoRR abs/1408.1023 (2014)Google Scholar
- 5.Merkle, R.C.: A digital signature based on a conventional encryption function. In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, pp. 369–378. Springer, Heidelberg (1988) Google Scholar
- 6.Kim, T.H., Gupta, P., Han, J., Owusu, E., Hong, J.I., Perrig, A., Gao, D.: ARPKI: attack resilient public-key infrastructure. In: ACM CCS (2014)Google Scholar
- 7.Melara, M.S., Blankstein, A., Bonneau, J., Freedman, M.J., Felten, E.W.: CONIKS: A privacy-preserving consistent key service for secure end-to-end communication. IACR Cryptology ePrint Archive (2014)Google Scholar
- 11.CVE: Common vulnerabilities and exposures list. https://cve.mitre.org/cve/index.html. Accessed on Feb 2015