1 / 9

I ntrusion T olerance via T hreshold C ryptography

ITTC. I ntrusion T olerance via T hreshold C ryptography. Dan Boneh Stanford University. Bill Aiello Bellcore. Michael Malkin Stanford University. Tom Wu Stanford University. http://www.stanford.edu/~dabo/ITTC/. Absolute intrusion prevention is impossible.

seamus
Download Presentation

I ntrusion T olerance via T hreshold C ryptography

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. ITTC Intrusion ToleranceviaThreshold Cryptography Dan Boneh Stanford University Bill Aiello Bellcore Michael Malkin Stanford University Tom Wu Stanford University http://www.stanford.edu/~dabo/ITTC/

  2. Absolute intrusion prevention is impossible Networked systems should be designed to maintain security even when hosts are penetrated and sensitive information is exposed. Main Design Principle Long-term security information should never be located at a single location: No single point of failure!

  3. Scalability and Performance • High availability of private keys • Automatic load-balancing among share servers • Can reconstruct lost or corrupted shares • Arbitrary number of clients, up to 15 share servers • Can refresh shares to recover from compromised servers

  4. Objectives • A module that can provide intrusion tolerance to legacy systems • Protect long term security information using threshold cryptography • Eliminate trusted dealers: keys are generated and managed without trusted dealers

  5. Share Server 1 Share Server 2 Share Server 3 CTL CTL CTL Share #1 Share #2 Share #3 TLB TLB TLB Architecture • Share servers manage multiple clients and keys • Central administration of share servers

  6. Library Components COM: Enables private and authenticated communication KEY: Key management GEN: Key generation with no trusted dealer NTD: Threshold decryption

  7. Controllers CTL: Controller for share servers TLB: Client API of threshold decryption library, identifies compromised hosts ADM: Administration utilities

  8. Certification Authority Gateway Request X.509 • CA’s private key is shared among three servers • Any two servers can generate certificate • No trusted dealer • Hard to break into two sites: diversity + refresh Share #1 Share #2 Share #3

  9. #1 #2 #3 Web Server Internet User Web Server • ITTC is used to establish the SSL session key • SSL ensures a secure connection • The server’s private key is never reconstructed at a single location.

More Related