A digital signature scheme secure against adaptive chosen-message attacks
SIAM Journal on Computing - Special issue on cryptography
How to withstand mobile virus attacks (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
Proactive public key and signature systems
Proceedings of the 4th ACM conference on Computer and communications security
Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Spectral Techniques in Graph Algorithms
LATIN '98 Proceedings of the Third Latin American Symposium on Theoretical Informatics
A Simplified Approach to Threshold and Proactive RSA
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Server-Assisted Generation of a Strong Secret from a Password
WETICE '00 Proceedings of the 9th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Strong Key-Insulated Signature Schemes
PKC '03 Proceedings of the 6th International Workshop on Theory and Practice in Public Key Cryptography: Public Key Cryptography
SiBIR: Signer-Base Intrusion-Resilient Signatures
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Yaksha: augmenting Kerberos with public key cryptography
SNDSS '95 Proceedings of the 1995 Symposium on Network and Distributed System Security (SNDSS'95)
Small worlds in security systems: an analysis of the PGP certificate graph
Proceedings of the 2002 workshop on New security paradigms
BRITE: An Approach to Universal Topology Generation
MASCOTS '01 Proceedings of the Ninth International Symposium in Modeling, Analysis and Simulation of Computer and Telecommunication Systems
Networked Cryptographic Devices Resilient to Capture
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
SybilGuard: defending against sybil attacks via social networks
Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
A method for fast revocation of public key certificates and security capabilities
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Protecting Cryptographic Keys from Memory Disclosure Attacks
DSN '07 Proceedings of the 37th Annual IEEE/IFIP International Conference on Dependable Systems and Networks
Exploiting social networks for threshold signing: attack-resilience vs. availability
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Robust threshold DSS signatures
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Two efficient and provably secure schemes for server-assisted threshold signatures
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Exploiting social networks for threshold signing: attack-resilience vs. availability
Proceedings of the 2008 ACM symposium on Information, computer and communications security
Assigning applications to servers: a simulation study
SpringSim '10 Proceedings of the 2010 Spring Simulation Multiconference
Measuring the mixing time of social graphs
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
SocialClouds: concept, security architecture and some mechanisms
INTRUST'09 Proceedings of the First international conference on Trusted Systems
Towards attack resilient social network based threshold signing
Inscrypt'11 Proceedings of the 7th international conference on Information Security and Cryptology
Hi-index | 0.00 |
Digital signatures are an important security mechanism, especially when non-repudiation is desired. However, non-repudiation is meaningful only when the private signing keys and functions are adequately protected --- an assumption that is very difficult to accommodate in the real world because computers (and thus cryptographic keys and functions) could be relatively easily compromised. One approach to resolving, or at least alleviating, this problem is to use threshold cryptography. But how should such techniques be employed in the real world? In this paper we propose exploiting social networks whereby average users take advantage of their trusted ones to help secure their cryptographic keys. While the idea is simple from an individual user's perspective, we aim to understand the resulting systems from a whole-system perspective. Specifically, we propose and investigate two measures of the resulting systems: attack-resilience, which captures the security consequences due to the compromise of some computers and thus the compromise of the cryptographic key shares stored on them; availability, which captures the effect when computers are not always responsive (due to the peer-to-peer nature of social networks).