CODEX: A Robust and Secure Secret Distribution System

Authors:
Michael A. Marsh;Fred B. Schneider
Affiliations:
IEEE;IEEE
Venue:
IEEE Transactions on Dependable and Secure Computing
Year:
2004

Citing 24
Cited 11

A practical zero-knowledge protocol fitted to security microprocessor minimizing both transmission and memory

Lecture Notes in Computer Science on Advances in Cryptology-EUROCRYPT'88
Impossibility of distributed consensus with one faulty process

Journal of the ACM (JACM)
Proactive public key and signature systems

Proceedings of the 4th ACM conference on Computer and communications security
Secure distributed storage and retrieval

Theoretical Computer Science
The &OHgr; key management service

Journal of Computer Security
How to share a secret

Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
COCA: A secure distributed online certification authority

ACM Transactions on Computer Systems (TOCS)
Replicating the Kuperee authentication server for increased security and reliability

ACISP '96 Proceedings of the First Australasian Conference on Information Security and Privacy
A Modification of the Fiat-Shamir Scheme

CRYPTO '88 Proceedings of the 8th Annual International Cryptology Conference on Advances in Cryptology
Threshold Cryptosystems

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Shared Generation of Authenticators and Signatures (Extended Abstract)

CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Proactive Secret Sharing Or: How to Cope With Perpetual Leakage

CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Proactive RSA

CRYPTO '97 Proceedings of the 17th Annual International Cryptology Conference on Advances in Cryptology
A Simplified Approach to Threshold and Proactive RSA

CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
The Rampart Toolkit for Building High-Integrity Services

Selected Papers from the International Workshop on Theory and Practice in Distributed Systems
Secure Intrusion-tolerant Replication on the Internet

DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Some Recent Research Aspects of Threshold Cryptography

ISW '97 Proceedings of the First International Workshop on Information Security
Distributed Public Key Cryptosystems

PKC '98 Proceedings of the First International Workshop on Practice and Theory in Public Key Cryptography: Public Key Cryptography
Key Escrow in Mutually Mistrusting Domains

Proceedings of the International Workshop on Security Protocols
Optimal-resilience proactive public-key cryptosystems

FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Byzantine quorum systems

Distributed Computing
Distributed Pseudo-random functions and KDCs

EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Scalable secure one-to-many group communication using dual encryption

Computer Communications

Implementing Trustworthy Services Using Replicated State Machines

IEEE Security and Privacy
An approach for fault tolerant and secure data storage in collaborative work environments

Proceedings of the 2005 ACM workshop on Storage security and survivability
Proactive resilience through architectural hybridization

Proceedings of the 2006 ACM symposium on Applied computing
Hidden problems of asynchronous proactive recovery

HotDep'07 Proceedings of the 3rd workshop on on Hot Topics in System Dependability
DepSpace: a byzantine fault-tolerant coordination service

Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
A Proactive Secret Sharing Scheme in matrix projection method

International Journal of Security and Networks
Proactive Byzantine Quorum Systems

OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part I
Proactive Fortification of Fault-Tolerant Services

OPODIS '09 Proceedings of the 13th International Conference on Principles of Distributed Systems
Proactive obfuscation

ACM Transactions on Computer Systems (TOCS)
Implementing trustworthy services using replicated state machines

Replication
Proactive recovery approach for intrusion tolerance with dynamic configuration of physical and virtual replicas

Security and Communication Networks

Quantified Score

Hi-index	0.00

Visualization

Abstract

CODEX (COrnell Data EXchange) stores secrets for subsequent access by authorized clients. It also is a vehicle for exploring the generality of a relatively new approach to building distributed services that are both fault-tolerant and attack-tolerant. Elements of that approach include: embracing the asynchronous (rather than synchronous) model of computation, use of Byzantine quorum systems for storing state, and employing proactive secret sharing with threshold cryptography for implementing confidentiality and authentication of service responses. Besides explaining the CODEX protocols, experiments to measure their performance are discussed.