• DocumentCode
    2167019
  • Title

    The design and implementation of a JCA-compliant capture protection infrastructure

  • Author

    Reiter, Michael K. ; Samar, Alireza ; Wang, Chenxi

  • Author_Institution
    Dept. of Electr. & Comput. Eng., Carnegie Mellon Univ., Pittsburgh, PA, USA
  • fYear
    2003
  • fDate
    6-18 Oct. 2003
  • Firstpage
    339
  • Lastpage
    348
  • Abstract
    A capture protection server protects a cryptographic key on a device that may be captured by authenticating the user of the device (e.g., by password) before permitting the key to be used. Delegation from one capture protection server to another enables the new server to perform this capture protection function for the device. Delegation, however, opens the system to new vulnerabilities, including difficulties in limiting online password-guessing attacks and in disabling a device that has been stolen by an attacker who knows the password. Here we propose a lightweight protocol for coordinating capture protection servers that eliminates these vulnerabilities. We also report on the implementation of our protocol in a JCA-compliant cryptographic service provider, and ramifications of the JCA interfaces for our approach.
  • Keywords
    access protocols; middleware; public key cryptography; JCA interfaces; JCA-compliant; capture protection infrastructure; capture protection server; cryptographic key; cryptographic service provider; lightweight protocol; online password-guessing attacks; Protection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Reliable Distributed Systems, 2003. Proceedings. 22nd International Symposium on
  • ISSN
    1060-9857
  • Print_ISBN
    0-7695-1955-5
  • Type

    conf

  • DOI
    10.1109/RELDIS.2003.1238086
  • Filename
    1238086
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2167019