Enhancing Operation Security using Secret Sharing
Mohsen Ahmadvand, Antoine Scemama, Martín Ochoa, Alexander Pretschner
2016
Abstract
Storing highly confidential data and carrying out security-related operations are crucial to many systems. Starting from an industrial use case we propose a generic architecture based on secret sharing which address critical operation authorization. By comparing and benchmarking different scheme from the literature we analyze the different trade-offs (security, functionality, performance) which can be achieved. Finally by providing an open source .NET implementation of several secret sharing schemes, this paper aims to rise awareness regarding the capabilities of such algorithms to increase security in industrial setting.
References
- Ahmadvand, M. (2015). Secret sharing library. Available at https://github.com/mr-ma/secret-sharing.
- Beimel, A. (2011). Secret-sharing schemes: a survey. In Coding and cryptology, pages 11-46. Springer.
- Benaloh, J. and Leichter, J. (1990). Generalized secret sharing and monotone functions. In Proceedings on Advances in cryptology, pages 27-35. Springer-Verlag New York, Inc.
- Blakley, G. R. et al. (1979). Safeguarding cryptographic keys. In Proceedings of the national computer conference, volume 48, pages 313-317.
- Bogdanov, D., Jo˜emets, M., Siim, S., and Vaht, M. (2015). How the estonian tax and customs board evaluated a tax fraud detection system based on secure multi-party computation. In Financial Cryptography and Data Security, pages 227-234. Springer.
- Bogdanov, D., Laur, S., and Willemson, J. (2008). Sharemind: A framework for fast privacy-preserving computations. In Computer Security-ESORICS 2008, pages 192-206. Springer.
- BSI (2015). Algorithms for qualified electronic signatures. Available at http://www.bundesnetzagentur.de/.
- Chou, T.-S. (2013). Security threats on cloud computing vulnerabilities. International Journal of Computer Science & Information Technology, 5(3):79-88.
- DSouza, R., Jao, D., Mironov, I., and Pandey, O. (2011). Publicly verifiable secret sharing for cloudbased key management. In Progress in CryptologyINDOCRYPT 2011, pages 290-309. Springer.
- Feldman, P. (1987). A practical scheme for non-interactive verifiable secret sharing. InFoundations of Computer Science, 1987., 28th Annual Symposium on, pages 427-438. IEEE.
- Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., and Boneh, D. (2003). Terra: A virtual machine-based platform for trusted computing. In ACM SIGOPS Operating Systems Review, pages 193-206. ACM.
- Hadavi, M. A., Jalili, R., and Karimi, L. (2015). Access control aware data retrieval for secret sharing based database outsourcing. Distributed and Parallel Databases, pages 1-30.
- Haldar, V., Chandra, D., and Franz, M. (2004). Semantic remote attestation: a virtual machine directed approach to trusted computing. In USENIX Virtual Machine Research and Technology Symposium, volume 2004.
- Neisse, R., Holling, D., and Pretschner, A. (2011). Implementing trust in cloud infrastructures. In Proceedings of the 2011 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, pages 524- 533. IEEE Computer Society.
- Rocha, F. and Correia, M. (2011). Lucy in the sky without diamonds: Stealing confidential data in the cloud. In Dependable Systems and Networks Workshops (DSNW), 2011 IEEE/IFIP 41st International Conference on, pages 129-134. IEEE.
- Rocha, F., Gross, T., and Van Moorsel, A. (2013). Defensein-depth against malicious insiders in the cloud. In Cloud Engineering (IC2E), 2013 IEEE International Conference on, pages 88-97. IEEE.
- Santos, N., Gummadi, K. P., and Rodrigues, R. (2009). Towards trusted cloud computing. In Proceedings of the 2009 conference on Hot topics in cloud computing, pages 3-3. San Diego, California.
- Schoenmakers, B. (1999). A simple publicly verifiable secret sharing scheme and its application to electronic voting. In Advances in CryptologyCRYPTO99, pages 148-164. Springer.
- Shamir, A. (1979). How to share a secret. Communications of the ACM, 22(11):612-613.
Paper Citation
in Harvard Style
Ahmadvand M., Scemama A., Ochoa M. and Pretschner A. (2016). Enhancing Operation Security using Secret Sharing . In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 446-451. DOI: 10.5220/0005992104460451
in Bibtex Style
@conference{secrypt16,
author={Mohsen Ahmadvand and Antoine Scemama and Martín Ochoa and Alexander Pretschner},
title={Enhancing Operation Security using Secret Sharing},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},
year={2016},
pages={446-451},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005992104460451},
isbn={978-989-758-196-0},
}
in EndNote Style
TY - CONF
JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - Enhancing Operation Security using Secret Sharing
SN - 978-989-758-196-0
AU - Ahmadvand M.
AU - Scemama A.
AU - Ochoa M.
AU - Pretschner A.
PY - 2016
SP - 446
EP - 451
DO - 10.5220/0005992104460451