The proactive security toolkit and applications

1 November 1999

proceedings article
Published by Association for Computing Machinery (ACM)

p. 18-27
https://doi.org/10.1145/319709.319713

Abstract

Existing security mechanisms focus on prevention of penetrations, detection of a penetration and (manual) recovery tools Indeed attackers focus their penetration efforts on breaking into critical modules, and on avoiding detection of the attack. As a result, security tools and procedures may cause the attackers to lose control over a specific module (computer, account), since the attacker would rather lose control than risk detection of the attack. While controlling the module, attacker may learn critical secret information or modify the module that make it much easier for the attacker to regain control over that module later. Recent results in cryptography give some hope of improving this situation; they show that many fundamental security tasks can be achieved with proactive security. Proactive security does not assume that there is any module completely secure against penetration Instead, we assume that at any given time period (day, week,.), a sufficient number of the modules in the system are secure (not penetrated). The results obtained so far include some of the most important cryptographic primitives such as signatures, secret sharing, and secure communication However, there was no usable implementation, and several critical issues (for actual use) were not addressedIn this work we report on a practical toolkit implementing the key proactive security mechanisms The toolkit provides secure interfaces to make it easy for applications to recover from penetrations. The toolkit also addresses other critical implementation issues, such as the initialization of the proactive secure system. We describe the toolkit and discuss some of the potential applications. Some applications require minimal enhancements to the existing implementations - e.g. for secure logging (especially for intrusion detection), secure end-to-end communication and timestamping. Other applications require more significant enhancements, mainly distribution over multiple servers, examples are certification authority, key recovery, and secure file system or archive

Keywords

This publication has 8 references indexed in Scilit:

Proactive public key and signature systems
Published by Association for Computing Machinery (ACM) ,1997
Maintaining authenticated communication in the presence of break-ins
Published by Association for Computing Machinery (ACM) ,1997
The Ω key management service
Published by Association for Computing Machinery (ACM) ,1996
The Rampart toolkit for building high-integrity services
Published by Springer Nature ,1995
Secure agreement protocols
Published by Association for Computing Machinery (ACM) ,1994
How to withstand mobile virus attacks (extended abstract)
Published by Association for Computing Machinery (ACM) ,1991
A practical scheme for non-interactive verifiable secret sharing
Published by Institute of Electrical and Electronics Engineers (IEEE) ,1987
How to share a secret
Communications of the ACM, 1979