How to withstand mobile virus attacks (extended abstract)
PODC '91 Proceedings of the tenth annual ACM symposium on Principles of distributed computing
A security architecture for fault-tolerant systems
ACM Transactions on Computer Systems (TOCS) - Special issue on computer architecture
The &OHgr; key management service
Journal of Computer Security
Communications of the ACM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
COCA: A secure distributed online certification authority
ACM Transactions on Computer Systems (TOCS)
Asynchronous verifiable secret sharing and proactive cryptosystems
Proceedings of the 9th ACM conference on Computer and communications security
Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Proactive Secret Sharing Or: How to Cope With Perpetual Leakage
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Some Recent Research Aspects of Threshold Cryptography
ISW '97 Proceedings of the First International Workshop on Information Security
Summaries of Three Critical Infrastructure Applications
Summaries of Three Critical Infrastructure Applications
A practical scheme for non-interactive verifiable secret sharing
SFCS '87 Proceedings of the 28th Annual Symposium on Foundations of Computer Science
| Hi-index | 0.00 |
With the increase in the Internet usage and the load on the servers, replication is used as a standard approach for improving availability of an online service. However, replication of a secret increases vulnerability, so replication must be used in a strategic way if both security and dependability need to be addressed simultaneously. In this paper we propose a verifiable and proactive secret sharing framework in which the secret of the distributed system is sampled and the samples, called shares are scattered in the cluster and refreshed proactively in a periodic manner. In this approach, the secret is never transferred over the network and is never reconstructed at a replicated site. Our scheme increases the number of servers the adversary has to compromise in order to discover the secret, thereby hardening security. We present various algorithms to distribute, refresh, recover and reconstruct the secret in an asynchronous environment. As a proof of concept the framework has been simulated using Opnet and preliminary results are reported.