A secure cryptographic token interface
Christian Cachin, Nishanth Chandran
CSF 2009
Encryption keys are sometimes encrypted themselves; doing that properly requires special care. Although it might look like an oversight at first, the broadly accepted formal security definitions for cryptosystems don't allow encryption of key-dependent messages. Furthermore, key-management systems frequently use key encryption or wrapping, which might create dependencies among keys that lead to problems with simple access-control checks. Security professionals should be aware of this risk and take appropriate measures. Novel cryptosystems offer protection for key-dependent messages and should be considered for practical use. Through enhanced access control in key-management systems, you can prevent security-interface attacks. © 2006 IEEE.
Christian Cachin, Nishanth Chandran
CSF 2009
Shengyun Liu, Paolo Viotti, et al.
OSDI 2016
Jan Camenisch, Manu Drijvers, et al.
CCS 2017
Jan Camenisch, Els Van Herreweghen
CCS 2002