By Topic

The design and implementation of a JCA-compliant capture protection infrastructure

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Reiter, M.K. ; Dept. of Electr. & Comput. Eng., Carnegie Mellon Univ., Pittsburgh, PA, USA ; Samar, A. ; Chenxi Wang

A capture protection server protects a cryptographic key on a device that may be captured by authenticating the user of the device (e.g., by password) before permitting the key to be used. Delegation from one capture protection server to another enables the new server to perform this capture protection function for the device. Delegation, however, opens the system to new vulnerabilities, including difficulties in limiting online password-guessing attacks and in disabling a device that has been stolen by an attacker who knows the password. Here we propose a lightweight protocol for coordinating capture protection servers that eliminates these vulnerabilities. We also report on the implementation of our protocol in a JCA-compliant cryptographic service provider, and ramifications of the JCA interfaces for our approach.

Published in:

Reliable Distributed Systems, 2003. Proceedings. 22nd International Symposium on

Date of Conference:

6-18 Oct. 2003