Device Attacker Models: Fact and Fiction

  • Jiangshan Yu
  • Mark D. Ryan
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9379)


According to standard fiction, a user is able to securely keep long term keys on his device. However, in fact his device may become infected with malware, and an adversary may obtain a copy of his key. We propose an attacker model in which devices are “periodically trustworthy” — they may become infected by malware, and then later become trustworthy again after software patches and malware scans have been applied, in an ongoing cycle. This paper proposes a solution to make the usage of private keys by attackers detectable by using public transparently-maintained logs to monitor the usage of long-term secret keys.


Keywords: Attacker model, Key compromise detection, Key usage monitoring



The authors thank Ross Anderson, Daniel Thomas, and all other attendees of International Workshop on Security Protocols for their comments and discussions. Jiangshan Yu is supported by the EPSRC project EP/H005501/1.



Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. School of Computer Science, University of Birmingham, Birmingham, UK