Tandem: Securing Keys by Using a Central Server While Preserving Privacy

@article{Lueks2020TandemSK,
  title={Tandem: Securing Keys by Using a Central Server While Preserving Privacy},
  author={Wouter Lueks and Brinda Hampiholi and Greg Alp{\'a}r and Carmela Troncoso},
  journal={Proceedings on Privacy Enhancing Technologies},
  year={2020},
  volume={2020},
  pages={327 - 355}
}
Abstract: Users’ devices, e.g., smartphones or laptops, are typically incapable of securely storing and processing cryptographic keys. We present Tandem, a novel set of protocols for securing cryptographic keys with support from a central server. Tandem uses one-time-use key-share tokens to preserve users’ privacy with respect to a malicious central server. Additionally, Tandem enables users to block their keys if they lose their device, and it enables the server to limit how often an adversary…

UPPRESSO: Untraceable and Unlinkable Privacy-PREserving Single Sign-On Services

This paper proposes a privacy-preserving SSO system, called UPPRESSO, to protect a user’s login activities against both the curious IdP and collusive RPs, and converts the SSO privacy problems into an identity transformation challenge.

References

SHOWING 1-10 OF 87 REFERENCES

Networked cryptographic devices resilient to capture

  • P. MacKenzie, M. Reiter
  • Computer Science, Mathematics
    Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001
  • 2001
A simple technique by which a device that performs private key operations in networked applications and whose local private key is activated with a password or PIN can be immunized to offline dictionary attacks in case the device is captured is presented.

Shatter: Using Threshold Cryptography to Protect Single Users with Multiple Devices

Shatter is introduced, an open-source framework that runs on desktops, Android, and Android Wear, and performs key distribution on a user's behalf, and uses threshold cryptography to turn the security weakness of having multiple devices into a strength.

Virtual Smart Cards: How to Sign with a Password and a Server

It is argued that the Pass2Sign protocol offers comparable security to trusted hardware, but without its inconveniences, and it is proved secure in the universal composability (UC) framework in a very strong adaptive corruption model where, unlike standard UC, the adversary does not obtain past inputs and outputs upon corrupting a party.

Threshold Single Password Authentication

Three previous studies provide solutions secure against offline dictionary attacks by additionally employing a storage provider (either a cloud storage or a mobile device for portability), and these works provide solutions where offline dictionary attacks are impossible as long as the adversary does not corrupt both the login server and the storage provider.

How to win the clonewars: efficient periodic n-times anonymous authentication

A credential system that lets a user anonymously authenticate at most $n$ times in a single time period, based on e-cash, which can use existing techniques to identify a cheating user, trace all of her e-tokens, and revoke her dispensers.

Single password authentication

Server-Supported RSA Signatures for Mobile Devices

A new method for shared RSA signing between the user and the server so that the server alone is unable to create valid signatures and the composite RSA signature “looks like” an ordinary RSA signature and verifies with standard crypto-libraries.

Secure enrollment and practical migration for mobile trusted execution environments

It is argued that current mobile device architectures do not facilitate secure enrollment and migration for system-wide TEEs, and possible architecture changes are outlined that would enable the realization of secure and practical enrollment, and thus enable more widespread secure deployment of various mobile security services.

Stronger Password Authentication Using Browser Extensions

We describe a browser extension, PwdHash, that transparently produces a different password for each site, improving web password security and defending against password phishing and other attacks.

Get Shorty via Group Signatures without Encryption

This paper proposes a group signature scheme with the shortest known signature size and favorably comparing computation time, whilst still offering a strong and practically relevant security level that guarantees secure opening of signatures, protection against a cheating authority, and support for dynamic groups.
...