The University of Southampton
×
Filter your search:
University of Southampton Institutional Repository

Protecting Secret Keys in a Compromised Computational System

Protecting Secret Keys in a Compromised Computational System
Protecting Secret Keys in a Compromised Computational System
Software applications which run in a compromised environment and perform sensitive operations, such as providing a secure communication channel between two individuals, require protection in order to prevent them being run by an unauthorised adversary. This paper looks at how to build in some protection against an adversary who wishes to modify an application so that it no longer authenticates the user before running. This protection works against a casual observer, that is someone who has access only to standard debugging tools, visualisation tools, and decompilers. The tricks given in the paper do not work against an all powerful adversary. The paper treats the problem of protecting the code fragments dealing with authentication as equivalent to encrypting plaintext without revealing the secret key.
448-462
Mitchell, Bill
5d045751-9ef4-4375-9e89-dbae07c90049
Mitchell, Bill
5d045751-9ef4-4375-9e89-dbae07c90049

Mitchell, Bill (2000) Protecting Secret Keys in a Compromised Computational System. Third International Workshop, IH’99, Dresden, Germany. 29 Sep - 01 Oct 1999. pp. 448-462 . (doi:10.1007/10719724_31).

Record type: Conference or Workshop Item (Paper)

Abstract

Software applications which run in a compromised environment and perform sensitive operations, such as providing a secure communication channel between two individuals, require protection in order to prevent them being run by an unauthorised adversary. This paper looks at how to build in some protection against an adversary who wishes to modify an application so that it no longer authenticates the user before running. This protection works against a casual observer, that is someone who has access only to standard debugging tools, visualisation tools, and decompilers. The tricks given in the paper do not work against an all powerful adversary. The paper treats the problem of protecting the code fragments dealing with authentication as equivalent to encrypting plaintext without revealing the secret key.

Other
Secret_Keys_LNCS_1768.ps - Other
Download (140kB)

More information

Published date: 2000
Additional Information: Event Dates: September 29 - October 1, 1999
Venue - Dates: Third International Workshop, IH’99, Dresden, Germany, 1999-09-29 - 1999-10-01
Organisations: Electronics & Computer Science, IT Innovation
Learn more about Electronics & Computer Science research

Identifiers

Local EPrints ID: 266056
URI: http://eprints.soton.ac.uk/id/eprint/266056
DOI: doi:10.1007/10719724_31
PURE UUID: 569633d6-f618-485d-914d-43e6c2cb50be

Catalogue record

Date deposited: 04 Jul 2008 16:22
Last modified: 14 Mar 2024 08:20

Export record

Altmetrics

Contributors

Author: Bill Mitchell

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Library staff additional information
Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×