Issue No.04 - July/August (2010 vol.8)
pp: 66-69
Christian Cachin, IBM Research
Encryption keys are sometimes encrypted themselves; doing that properly requires special care. Although it might look like an oversight at first, the broadly accepted formal security definitions for cryptosystems don't allow encryption of key-dependent messages. Furthermore, key-management systems frequently use key encryption or wrapping, which might create dependencies among keys that lead to problems with simple access-control checks. Security professionals should be aware of this risk and take appropriate measures. Novel cryptosystems offer protection for key-dependent messages and should be considered for practical use. Through enhanced access control in key-management systems, you can prevent security-interface attacks.
key encryption, cryptography, security and privacy, semantic security, CCA2 security, key management, access control
Christian Cachin, "Encrypting Keys Securely", IEEE Security & Privacy, vol.8, no. 4, pp. 66-69, July/August 2010, doi:10.1109/MSP.2010.124