Device attacker models: fact and fiction

Jiangshan Yu; Mark D. Ryan

doi:10.1007/978-3-319-26096-9_17

Device attacker models: fact and fiction

Jiangshan Yu, Mark D. Ryan

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research

3 Citations (Scopus)

Abstract

According to standard fiction, a user is able to securely keep long term keys on his device. However, in fact his device may become infected with malware, and an adversary may obtain a copy of his key. We propose an attacker model in which devices are “periodically trustworthy” — they may become infected by malware, and then later become trustworthy again after software patches and malware scans have been applied, in an ongoing cycle. This paper proposes a solution to make the usage of private keys by attackers detectable by using public transparently-maintained logs to monitor the usage of long-term secret keys.

Original language	English
Title of host publication	Security Protocols XXIII
Subtitle of host publication	23rd International Workshop Cambridge, UK, March 31 – April 2, 2015 Revised Selected Papers
Editors	Bruce Christianson, Petr Švenda, Vashek Matyáš, James Malcolm, Frank Stajano, Jonathan Anderson
Place of Publication	Cham Switzerland
Publisher	Springer
Pages	158-167
Number of pages	10
ISBN (Electronic)	9783319260969
ISBN (Print)	9783319260952
DOIs	https://doi.org/10.1007/978-3-319-26096-9_17
Publication status	Published - 2015
Externally published	Yes
Event	International Workshop on Security Protocols 2015 - Cambridge, United Kingdom Duration: 31 Mar 2015 → 2 Apr 2015 Conference number: 23rd http://homepages.herts.ac.uk/~spw/

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer
Volume	9379
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	International Workshop on Security Protocols 2015
Abbreviated title	IWSP 2015
Country/Territory	United Kingdom
City	Cambridge
Period	31/03/15 → 2/04/15
Internet address	http://homepages.herts.ac.uk/~spw/

Keywords

Attacker model
Key compromise detection
Key usage Monitoring

Access to Document

10.1007/978-3-319-26096-9_17

Cite this

Yu, J., & Ryan, M. D. (2015). Device attacker models: fact and fiction. In B. Christianson, P. Švenda, V. Matyáš, J. Malcolm, F. Stajano, & J. Anderson (Eds.), Security Protocols XXIII : 23rd International Workshop Cambridge, UK, March 31 – April 2, 2015 Revised Selected Papers (pp. 158-167). (Lecture Notes in Computer Science ; Vol. 9379). Springer. https://doi.org/10.1007/978-3-319-26096-9_17

Yu, Jiangshan ; Ryan, Mark D. / Device attacker models : fact and fiction. Security Protocols XXIII : 23rd International Workshop Cambridge, UK, March 31 – April 2, 2015 Revised Selected Papers. editor / Bruce Christianson ; Petr Švenda ; Vashek Matyáš ; James Malcolm ; Frank Stajano ; Jonathan Anderson. Cham Switzerland : Springer, 2015. pp. 158-167 (Lecture Notes in Computer Science ).

@inproceedings{1f5688d7f45345da8bf07c0b07385c6b,

title = "Device attacker models: fact and fiction",

abstract = "According to standard fiction, a user is able to securely keep long term keys on his device. However, in fact his device may become infected with malware, and an adversary may obtain a copy of his key. We propose an attacker model in which devices are “periodically trustworthy” — they may become infected by malware, and then later become trustworthy again after software patches and malware scans have been applied, in an ongoing cycle. This paper proposes a solution to make the usage of private keys by attackers detectable by using public transparently-maintained logs to monitor the usage of long-term secret keys.",

keywords = "Attacker model, Key compromise detection, Key usage Monitoring",

author = "Jiangshan Yu and Ryan, \{Mark D.\}",

year = "2015",

doi = "10.1007/978-3-319-26096-9\_17",

language = "English",

isbn = "9783319260952",

series = "Lecture Notes in Computer Science ",

publisher = "Springer",

pages = "158--167",

editor = "Bruce Christianson and Petr {\v S}venda and Vashek Maty{\'a}{\v s} and James Malcolm and Frank Stajano and Jonathan Anderson",

booktitle = "Security Protocols XXIII",

address = "Switzerland",

note = "International Workshop on Security Protocols 2015, IWSP 2015 ; Conference date: 31-03-2015 Through 02-04-2015",

url = "http://homepages.herts.ac.uk/\textasciitilde{}spw/",

}

Yu, J & Ryan, MD 2015, Device attacker models: fact and fiction. in B Christianson, P Švenda, V Matyáš, J Malcolm, F Stajano & J Anderson (eds), Security Protocols XXIII : 23rd International Workshop Cambridge, UK, March 31 – April 2, 2015 Revised Selected Papers. Lecture Notes in Computer Science , vol. 9379, Springer, Cham Switzerland, pp. 158-167, International Workshop on Security Protocols 2015, Cambridge, United Kingdom, 31/03/15. https://doi.org/10.1007/978-3-319-26096-9_17

Device attacker models: fact and fiction. / Yu, Jiangshan; Ryan, Mark D.
Security Protocols XXIII : 23rd International Workshop Cambridge, UK, March 31 – April 2, 2015 Revised Selected Papers. ed. / Bruce Christianson; Petr Švenda; Vashek Matyáš; James Malcolm; Frank Stajano; Jonathan Anderson. Cham Switzerland: Springer, 2015. p. 158-167 (Lecture Notes in Computer Science ; Vol. 9379).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper › Research

TY - GEN

T1 - Device attacker models

T2 - International Workshop on Security Protocols 2015

AU - Yu, Jiangshan

AU - Ryan, Mark D.

N1 - Conference code: 23rd

PY - 2015

Y1 - 2015

N2 - According to standard fiction, a user is able to securely keep long term keys on his device. However, in fact his device may become infected with malware, and an adversary may obtain a copy of his key. We propose an attacker model in which devices are “periodically trustworthy” — they may become infected by malware, and then later become trustworthy again after software patches and malware scans have been applied, in an ongoing cycle. This paper proposes a solution to make the usage of private keys by attackers detectable by using public transparently-maintained logs to monitor the usage of long-term secret keys.

AB - According to standard fiction, a user is able to securely keep long term keys on his device. However, in fact his device may become infected with malware, and an adversary may obtain a copy of his key. We propose an attacker model in which devices are “periodically trustworthy” — they may become infected by malware, and then later become trustworthy again after software patches and malware scans have been applied, in an ongoing cycle. This paper proposes a solution to make the usage of private keys by attackers detectable by using public transparently-maintained logs to monitor the usage of long-term secret keys.

KW - Attacker model

KW - Key compromise detection

KW - Key usage Monitoring

UR - https://www.scopus.com/pages/publications/84952767907

U2 - 10.1007/978-3-319-26096-9_17

DO - 10.1007/978-3-319-26096-9_17

M3 - Conference Paper

AN - SCOPUS:84952767907

SN - 9783319260952

T3 - Lecture Notes in Computer Science

SP - 158

EP - 167

BT - Security Protocols XXIII

A2 - Christianson, Bruce

A2 - Švenda, Petr

A2 - Matyáš, Vashek

A2 - Malcolm, James

A2 - Stajano, Frank

A2 - Anderson, Jonathan

PB - Springer

CY - Cham Switzerland

Y2 - 31 March 2015 through 2 April 2015

ER -

Yu J, Ryan MD. Device attacker models: fact and fiction. In Christianson B, Švenda P, Matyáš V, Malcolm J, Stajano F, Anderson J, editors, Security Protocols XXIII : 23rd International Workshop Cambridge, UK, March 31 – April 2, 2015 Revised Selected Papers. Cham Switzerland: Springer. 2015. p. 158-167. (Lecture Notes in Computer Science ). doi: 10.1007/978-3-319-26096-9_17

Device attacker models: fact and fiction

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Cite this