Open AccessRASSS: a hijack‐resistant confidential information management scheme for distributed systems
Author(s) -
Bu Lake,
Isakov Mihailo,
Kinsy Michel A.
Publication year - 2019
Publication title -
iet computers and digital techniques
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.219
H-Index - 46
eISSN - 1751-861X
pISSN - 1751-8601
DOI - 10.1049/iet-cdt.2018.5167
Subject(s) - computer science , confidentiality , computer security , secret sharing , encryption , information sharing , scheme (mathematics) , secure multi party computation , login , information sensitivity , computer network , cryptography , world wide web , mathematical analysis , mathematics
In distributed systems there is often a need to store and share sensitive information (e.g., encryption keys, digital signatures, login credentials etc.) among the devices. It is also generally the case that this piece of information cannot be entrusted to any individual device since the malfunction or compromising of one node could jeopardize the security of the entire system. Even if the information is split among the devices, there is still a risk when an attacker can compromise a group of them. Therefore we have designed and implemented a secure and robust secret sharing scheme to enable a more resilient sharing of confidential information. This solution provides three important features: (i) it uses threshold secret sharing to split the information into shares to be kept by all devices in the system; so the information can only be retrieved collaboratively by groups of devices; (ii) it guarantees the privacy of the confidential information under a certain number of passive hijacking attacks; and (iii) it ensures the integrity of the confidential information against any number of hijackers who actively and collusively attack the devices. It is able to identify all the compromised devices, while still keeping the secret unforgeable to attackers.