Protecting secret keys in a compromised computational system

Abstract

Software applications which run in a compromised environment and perform sensitive operations, such as providing a secure communication channel between two individuals, require protection in order to prevent them being run by an unauthorised adversary. This paper looks at how to build in some protection against an adversary who wishes to modify an application so that it no longer authenticates the user before running. This protection works against a casual observer, that is someone who has access only to standard debugging tools, visualisation tools, and decompilers. The tricks given in the paper do not work against an all powerful adversary. The paper treats the problem of protecting the code fragments dealing with authentication as equivalent to encrypting plaintext without revealing the secret key.