CODEX: A Robust and Secure Secret Distribution System
January-March 2004 (vol. 1 no. 1)
pp. 34-47
CODEX (COrnell Data EXchange) stores secrets for subsequent access by authorized clients. It is also a vehicle for exploring the generality of a relatively new approach to building distributed services that are both fault-tolerant and attack-tolerant. Elements of that approach include embracing the asynchronous (rather than synchronous) model of computation, using Byzantine quorum systems for storing state, and employing proactive secret sharing with threshold cryptography for implementing confidentiality and authentication of service responses. The CODEX protocols are explained, and experiments to measure their performance are discussed.
Index Terms:
Distributed systems, fault tolerance, access controls, client/server and multitier systems, information storage.
Citation:
Michael A. Marsh, Fred B. Schneider, "CODEX: A Robust and Secure Secret Distribution System," IEEE Transactions on Dependable and Secure Computing, vol. 1, no. 1, pp. 34-47, Jan.-Mar. 2004, doi:10.1109/TDSC.2004.3