Keeping data secret under full compromise using porter devices

Christina Poepper, David Basin, Srdjan Čapkun, Cas Cremers

    Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

    Abstract

    We address the problem of confidentiality in scenarios where the attacker is not only able to observe the communication between principals, but can also fully compromise the communicating parties (their devices, not only their long term secrets) after the confidential data has been exchanged. We formalize this problem and explore solutions that provide confidentiality after the full compromise of devices and user passwords. We propose two new solutions that use explicit key deletion and forward-secret protocols combined with key storage on porter devices. Our solutions provide the users with control over their privacy. We analyze the proposed solutions using an automatic verification tool. We also implement a prototype using a mobile phone as a porter device to illustrate how the solution can be realized on modern platforms.

    Original language: English (US)
    Title of host publication: Proceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010
    Pages: 241-250
    Number of pages: 10
    DOI: https://doi.org/10.1145/1920261.1920297
    State: Published - Dec 1 2010
    Event: 26th Annual Computer Security Applications Conference, ACSAC 2010 - Austin, TX, United States
    Duration: Dec 6 2010 to Dec 10 2010

    Other

    Other: 26th Annual Computer Security Applications Conference, ACSAC 2010
    Country: United States
    City: Austin, TX
    Period: 12/6/10 to 12/10/10

    Fingerprint

    Mobile phones
    Network protocols
    Communication

    Keywords

    • full compromise
    • security protocol
    • system security

    ASJC Scopus subject areas

    • Computer Networks and Communications
    • Software
    • Safety, Risk, Reliability and Quality

    Cite this

    Poepper, C., Basin, D., Čapkun, S., & Cremers, C. (2010). Keeping data secret under full compromise using porter devices. In Proceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010 (pp. 241-250) https://doi.org/10.1145/1920261.1920297

    @inproceedings{ba3cae45277846469a9194adacdd56ad,
    title = "Keeping data secret under full compromise using porter devices",
    abstract = "We address the problem of confidentiality in scenarios where the attacker is not only able to observe the communication between principals, but can also fully compromise the communicating parties (their devices, not only their long term secrets) after the confidential data has been exchanged. We formalize this problem and explore solutions that provide confidentiality after the full compromise of devices and user passwords. We propose two new solutions that use explicit key deletion and forward-secret protocols combined with key storage on porter devices. Our solutions provide the users with control over their privacy. We analyze the proposed solutions using an automatic verification tool. We also implement a prototype using a mobile phone as a porter device to illustrate how the solution can be realized on modern platforms.",
    keywords = "full compromise, security protocol, system security",
    author = "Christina Poepper and David Basin and Srdjan Čapkun and Cas Cremers",
    year = "2010",
    month = "12",
    day = "1",
    doi = "10.1145/1920261.1920297",
    language = "English (US)",
    isbn = "9781450301336",
    pages = "241--250",
    booktitle = "Proceedings - 26th Annual Computer Security Applications Conference, ACSAC 2010",

    }
