Encryption Key protection for Private Computing on Public Platforms


Private Computing on Public Platforms (PCPP) is a new technology designed to enable secure and private execution of applications on remote, potentially hostile, public platforms. PCPP must secure its encryption keys to ensure that application isolation is robust and reliable. To this end we offer a protection scheme for PCPP encryption keys. In this paper we first discuss a commonly used key storage mechanism, the Linux Key Retention Service (LKRS) and show a method for defeating this protection allowing one user to read the LKRS stored keys from another user's processes. We then describe our PCPP key protection methodology and how it interacts with the other PCPP building blocks to isolate encryption keys even from privileged users.

DOI: 10.1109/PERCOM.2009.4912897

Extracted Key Phrases

2 Figures and Tables

Cite this paper

@article{Morris2009EncryptionKP, title={Encryption Key protection for Private Computing on Public Platforms}, author={Thomas H. Morris and Suku Nair}, journal={2009 IEEE International Conference on Pervasive Computing and Communications}, year={2009}, pages={1-6} }