DECIM: Detecting Endpoint Compromise In Messaging

Research output: Contribution to journalArticle

Standard

DECIM : Detecting Endpoint Compromise In Messaging. / Yu, Jiangshan; Ryan, Mark; Cremers, Cas.

In: IEEE Transactions on Information Forensics and Security, 11.08.2017.

Research output: Contribution to journalArticle

Harvard

APA

Vancouver

Author

Bibtex

@article{b7ae08dddcf84a7592b6eff97f94f225,
title = "DECIM: Detecting Endpoint Compromise In Messaging",
abstract = "We present DECIM, an approach to solve the challenge of detecting endpoint compromise in messaging. DECIM manages and refreshes encryption/decryption keys in an automatic and transparent way: it makes it necessary for uses of thekey to be inserted in an append-only log, which the device owner can interrogate in order to detect misuse. We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys. It is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing the main features required for deployment. We find that DECIM messaging is efficient even for millions of users.The methods we introduce are not intended to replace existing methods used to keep keys safe (such as hardware devices, careful procedures, or key refreshment techniques). Rather, our methods provide a useful and effective additional layer of security.",
keywords = "Key usage detection , transparency , secure messaging , key management , formal analysis",
author = "Jiangshan Yu and Mark Ryan and Cas Cremers",
year = "2017",
month = "8",
day = "11",
doi = "10.1109/TIFS.2017.2738609",
language = "English",
journal = "IEEE Transactions on Information Forensics and Security",
issn = "1556-6013",
publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

}

RIS

TY - JOUR

T1 - DECIM

T2 - Detecting Endpoint Compromise In Messaging

AU - Yu, Jiangshan

AU - Ryan, Mark

AU - Cremers, Cas

PY - 2017/8/11

Y1 - 2017/8/11

N2 - We present DECIM, an approach to solve the challenge of detecting endpoint compromise in messaging. DECIM manages and refreshes encryption/decryption keys in an automatic and transparent way: it makes it necessary for uses of thekey to be inserted in an append-only log, which the device owner can interrogate in order to detect misuse. We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys. It is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing the main features required for deployment. We find that DECIM messaging is efficient even for millions of users.The methods we introduce are not intended to replace existing methods used to keep keys safe (such as hardware devices, careful procedures, or key refreshment techniques). Rather, our methods provide a useful and effective additional layer of security.

AB - We present DECIM, an approach to solve the challenge of detecting endpoint compromise in messaging. DECIM manages and refreshes encryption/decryption keys in an automatic and transparent way: it makes it necessary for uses of thekey to be inserted in an append-only log, which the device owner can interrogate in order to detect misuse. We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys. It is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing the main features required for deployment. We find that DECIM messaging is efficient even for millions of users.The methods we introduce are not intended to replace existing methods used to keep keys safe (such as hardware devices, careful procedures, or key refreshment techniques). Rather, our methods provide a useful and effective additional layer of security.

KW - Key usage detection

KW - transparency

KW - secure messaging

KW - key management

KW - formal analysis

U2 - 10.1109/TIFS.2017.2738609

DO - 10.1109/TIFS.2017.2738609

M3 - Article

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

SN - 1556-6013

ER -