Projects per year
Abstract
We present DECIM, an approach to solve the challenge of detecting endpoint compromise in messaging. DECIM manages and refreshes encryption/decryption keys in an automatic and transparent way: it makes it necessary for uses of the
key to be inserted in an append-only log, which the device owner can interrogate in order to detect misuse.
We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys. It is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing the main features required for deployment. We find that DECIM messaging is efficient even for millions of users.
The methods we introduce are not intended to replace existing methods used to keep keys safe (such as hardware devices, careful procedures, or key refreshment techniques). Rather, our methods provide a useful and effective additional layer of security.
key to be inserted in an append-only log, which the device owner can interrogate in order to detect misuse.
We propose a multi-device messaging protocol that exploits our concept to allow users to detect unauthorised usage of their device keys. It is co-designed with a formal model, and we verify its core security property using the Tamarin prover. We present a proof-of-concept implementation providing the main features required for deployment. We find that DECIM messaging is efficient even for millions of users.
The methods we introduce are not intended to replace existing methods used to keep keys safe (such as hardware devices, careful procedures, or key refreshment techniques). Rather, our methods provide a useful and effective additional layer of security.
Original language | English |
---|---|
Number of pages | 13 |
Journal | IEEE Transactions on Information Forensics and Security |
DOIs | |
Publication status | Published - 11 Aug 2017 |
Keywords
- Key usage detection
- transparency
- secure messaging
- key management
- formal analysis
Fingerprint
Dive into the research topics of 'DECIM: Detecting Endpoint Compromise In Messaging'. Together they form a unique fingerprint.Projects
- 1 Finished
-
Leadership Fellowships 2009 : Analysing Security and Privacy Properties
Engineering & Physical Science Research Council
1/04/10 → 30/09/15
Project: Research Councils