Conference ProceedingsOPEN ACCESS

Actor key compromise: Consequences and countermeasures

Proceedings of the Computer Security Foundations Workshop (2014) 2014-January 244-258
DOI: 10.1109/CSF.2014.25
11Citations
Citations of this article
18Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

Despite Alice's best efforts, her long-term secret keys may be revealed to an adversary. Possible reasons include weakly generated keys, compromised key storage, subpoena, and coercion. However, Alice may still be able to communicate securely with other parties, depending on the protocol used. We call the associated property resilience against Actor Key Compromise (AKC). We formalise this property in a symbolic model and identify conditions under which it can and cannot be achieved. In case studies that include TLS and SSH, we find that many protocols are not resilient against AKC. We implement a concrete AKC attack on the mutually authenticated TLS protocol.

Author supplied keywords

Cite

CITATION STYLE

APA

Basin, D., Cremers, C., & Horvat, M. (2014). Actor key compromise: Consequences and countermeasures. In Proceedings of the Computer Security Foundations Workshop (Vol. 2014-January, pp. 244–258). IEEE Computer Society. https://doi.org/10.1109/CSF.2014.25

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free