DIMACS TR: 2001-19
Networked Cryptographic Devices Resilient to Capture
Authors: Philip MacKenzie and Michael K. Reiter
ABSTRACT
We present a simple technique by which a device that performs private
key operations (signatures or decryptions) in networked applications,
and whose local private key is activated with a password or PIN, can
be immunized to offline dictionary attacks in case the device is
captured. Our techniques do not assume tamper resistance of the
device, but rather exploit the networked nature of the device, in that
the device's private key operations are performed using a simple
interaction with a remote server. This server, however, is
untrusted---its compromise does not reduce the security of the
device's private key unless the device is also captured---and need not
have a prior relationship with the device. We further extend this
approach with support for "key disabling", by which the rightful
owner of a stolen device can disable the device's private key even if
the attacker already knows the user's password.
Paper Available at:
ftp://dimacs.rutgers.edu/pub/dimacs/TechnicalReports/TechReports/2001/2001-19.ps.gz