A quorum-consensus replication method for abstract data types
ACM Transactions on Computer Systems (TOCS)
Communications of the ACM
Chord: A scalable peer-to-peer lookup service for internet applications
Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications
COCA: A secure distributed online certification authority
ACM Transactions on Computer Systems (TOCS)
Asynchronous verifiable secret sharing and proactive cryptosystems
Proceedings of the 9th ACM conference on Computer and communications security
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Pastry: Scalable, Decentralized Object Location, and Routing for Large-Scale Peer-to-Peer Systems
Middleware '01 Proceedings of the IFIP/ACM International Conference on Distributed Systems Platforms Heidelberg
A Simple Publicly Verifiable Secret Sharing Scheme and Its Application to Electronic
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Proactive Secret Sharing Or: How to Cope With Perpetual Leakage
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
A Simplified Approach to Threshold and Proactive RSA
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Secure Intrusion-tolerant Replication on the Internet
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Self-Securing Ad Hoc Wireless Networks
ISCC '02 Proceedings of the Seventh International Symposium on Computers and Communications (ISCC'02)
Responsive Security for Stored Data
ICDCS '03 Proceedings of the 23rd International Conference on Distributed Computing Systems
Providing Robust and Ubiquitous Security Support for Mobile Ad Hoc Networks
ICNP '01 Proceedings of the Ninth International Conference on Network Protocols
On the Utility of Distributed Cryptography in P2P and MANETs: The Case of Membership Control
ICNP '03 Proceedings of the 11th IEEE International Conference on Network Protocols
An attack on the proactive RSA signature scheme in the URSA ad hoc network access control protocol
Proceedings of the 2nd ACM workshop on Security of ad hoc and sensor networks
Distributed Computing
Publius: a robust, tamper-evident, censorship-resistant web publishing system
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Building intrusion tolerant applications
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
Verifiable secret sharing and achieving simultaneity in the presence of faults
SFCS '85 Proceedings of the 26th Annual Symposium on Foundations of Computer Science
A practical scheme for non-interactive verifiable secret sharing
SFCS '87 Proceedings of the 28th Annual Symposium on Foundations of Computer Science
Practical threshold signatures
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Further simplifications in proactive RSA signatures
TCC'05 Proceedings of the Second international conference on Theory of Cryptography
DSO: dependable signing overlay
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
IEEE Network: The Magazine of Global Internetworking
DSO: dependable signing overlay
ACNS'06 Proceedings of the 4th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Dependable digital signing service requires both high fault-tolerance and high intrusion-tolerance. While providing high fault-tolerance, existing approaches do not satisfy the high intrusion-tolerance requirement in the face of availability, confidentiality and integrity attacks. In this paper, we propose Dependable Signing Overlay (DSO), a novel server architecture that can provide high intrusion-tolerance as well as high fault-tolerance. The key idea is: replicate the key shares and make the signing servers anonymous to clients (and thus also to the would-be attackers), in addition to using threshold signing. DSO utilizes structured P2P overlay routing techniques to provide timely services to legitimate clients. DSO is intended to be a scalable infrastructure for dependable digital signing service. This paper presents the architecture and protocols of DSO, and the analytical models for reliability and security analysis. We show that, compared with existing techniques, DSO has much better intrusion-tolerance under availability, confidentiality and integrity attacks.