Keeping data secret under full compromise using porter devices

Christina Poepper, David Basin, Srdjan Čapkun, Cas Cremers

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We address the problem of confidentiality in scenarios where the attacker is not only able to observe the communication between principals, but can also fully compromise the communicating parties (their devices, not only their long term secrets) after the confidential data has been exchanged. We formalize this problem and explore solutions that provide confidentiality after the full compromise of devices and user passwords. We propose two new solutions that use explicit key deletion and forward-secret protocols combined with key storage on porter devices. Our solutions provide the users with control over their privacy. We analyze the proposed solutions using an automatic verification tool. We also implement a prototype using a mobile phone as a porter device to illustrate how the solution can be realized on modern platforms.

Original language: English (US)
Title of host publication: Proceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010
Pages: 241-250
Number of pages: 10
DOI: https://doi.org/10.1145/1920261.1920297
State: Published - Dec 1 2010
Event: 26th Annual Computer Security Applications Conference, ACSAC 2010 - Austin, TX, United States
Duration: Dec 6 2010 - Dec 10 2010

Fingerprint

Mobile phones
Network protocols
Communication

Keywords

  • full compromise
  • security protocol
  • system security

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Safety, Risk, Reliability and Quality

Cite this

Poepper, C., Basin, D., Čapkun, S., & Cremers, C. (2010). Keeping data secret under full compromise using porter devices. In Proceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010 (pp. 241-250) https://doi.org/10.1145/1920261.1920297

@inproceedings{ba3cae45277846469a9194adacdd56ad,
title = "Keeping data secret under full compromise using porter devices",
abstract = "We address the problem of confidentiality in scenarios where the attacker is not only able to observe the communication between principals, but can also fully compromise the communicating parties (their devices, not only their long term secrets) after the confidential data has been exchanged. We formalize this problem and explore solutions that provide confidentiality after the full compromise of devices and user passwords. We propose two new solutions that use explicit key deletion and forward-secret protocols combined with key storage on porter devices. Our solutions provide the users with control over their privacy. We analyze the proposed solutions using an automatic verification tool. We also implement a prototype using a mobile phone as a porter device to illustrate how the solution can be realized on modern platforms.",
keywords = "full compromise, security protocol, system security",
author = "Christina Poepper and David Basin and Srdjan Čapkun and Cas Cremers",
year = "2010",
month = "12",
day = "1",
doi = "10.1145/1920261.1920297",
language = "English (US)",
isbn = "9781450301336",
pages = "241--250",
booktitle = "Proceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010",

}

TY - GEN
T1 - Keeping data secret under full compromise using porter devices
AU - Poepper, Christina
AU - Basin, David
AU - Čapkun, Srdjan
AU - Cremers, Cas
PY - 2010/12/1
Y1 - 2010/12/1
N2 - We address the problem of confidentiality in scenarios where the attacker is not only able to observe the communication between principals, but can also fully compromise the communicating parties (their devices, not only their long term secrets) after the confidential data has been exchanged. We formalize this problem and explore solutions that provide confidentiality after the full compromise of devices and user passwords. We propose two new solutions that use explicit key deletion and forward-secret protocols combined with key storage on porter devices. Our solutions provide the users with control over their privacy. We analyze the proposed solutions using an automatic verification tool. We also implement a prototype using a mobile phone as a porter device to illustrate how the solution can be realized on modern platforms.
KW - full compromise
KW - security protocol
KW - system security
UR - http://www.scopus.com/inward/record.url?scp=78751506483&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78751506483&partnerID=8YFLogxK
U2 - 10.1145/1920261.1920297
DO - 10.1145/1920261.1920297
M3 - Conference contribution
AN - SCOPUS:78751506483
SN - 9781450301336
SP - 241
EP - 250
BT - Proceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010
ER -