Abstract.
A device that performs private key operations (signatures or decryptions), and whose private key operations are protected by a password, can be immunized against offline dictionary attacks in case of capture by forcing the device to confirm a password guess with a designated remote server in order to perform a private key operation. Recent proposals for achieving this allow untrusted servers and require no server initialization per device. In this paper we extend these proposals to enable dynamic delegation from one server to another; i.e., the device can subsequently use the second server to secure its private key operations. One application is to allow a user who is traveling to a foreign country to temporarily delegate to a server local to that country the ability to confirm password guesses and aid the user’s device in performing private key operations, or in the limit, to temporarily delegate this ability to a token in the user’s possession. Another application is proactive security for the device’s private key, i.e., proactive updates to the device and servers to eliminate any threat of offline password guessing attacks due to previously compromised servers.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Author information
Authors and Affiliations
Corresponding author
Additional information
Received: November 2001, Accepted: January 2003,
Extended abstract appears in Proceedings of the 8 th ACM Symposium on Computer and Communications Security, November 2001.
Rights and permissions
About this article
Cite this article
MacKenzie, P., Reiter, M.K. Delegation of cryptographic servers for capture-resilient devices. Distrib. Comput. 16, 307–327 (2003). https://doi.org/10.1007/s00446-003-0098-4
Issue Date:
DOI: https://doi.org/10.1007/s00446-003-0098-4