Providing security to usage of long-term keys in case of semi-trusted secure environment

Sergey Agafyin, Stanislav Smyshlyaev

Abstract


The task of enabling the use of cryptographic software (especially for working with digital signatures) on general-purpose mobile devices (e.g., smartphones running the iOS or Android operating systems) inevitably comes up in every conference discussion dedicated to mass-market cryptography. Users are accustomed to performing their everyday operations on smartphones. The lower level of trust in such devices as an environment for cryptographic software must always be kept in mind when developing systems that involve them; nevertheless, integrated additional security measures have made a significant increase in security on such devices possible and, therefore, have enabled the certification and use of cryptographic software for mobile devices. At the same time, the question of providing secure and convenient ways of using long-term keys in hardware tokens with mobile devices still requires further research. In this paper, we review existing ways of using cryptographic tokens with long-term keys via mobile devices and develop approaches for solving this task in real-world scenarios, based on recently developed protocols for password-based authenticated key establishment with proven security.






ISSN: 2307-8162