Authenticating compromisable storage systems

Jiangshan Yu, Mark Ryan, Liqun Chen

Research output: Chapter in Book/Report/Conference proceeding, Conference contribution


Abstract

A service may be implemented over several servers, and those servers may become compromised by an attacker, e.g. through software vulnerabilities. When this happens, the service manager will remove the vulnerabilities and re-instate the server. Typically, this will involve regenerating the public key by which clients authenticate the service, and revoking the old one. This paper presents a scheme which allows a storage service composed of several servers to create a group public key in a decentralised manner, and maintain its security even when such compromises take place. By maintaining keys for a long term, we reduce the reliance on public-key certification. The storage servers periodically update the decryption secrets corresponding to a public key, in such a way that secrets gained by an attacker are rendered useless after an update takes place. An attacker would have to compromise all the servers within a short period lying between two updates in order to fully compromise the system.

Original language: English
Title of host publication: Proceedings of 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-17)
Publisher: IEEE Computer Society Press
Number of pages: 8
ISBN (Electronic): 978-1-5090-4906-6
ISBN (Print): 978-1-5090-4907-3
Publication status: Published - 11 Sep 2017
Event: 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-17) - Sydney, Australia
Duration: 1 Aug 2017 - 4 Aug 2017

Conference

Conference: 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-17)
Country/Territory: Australia
City: Sydney
Period: 1/08/17 - 4/08/17
