Security Analysis of Password-Authenticated Key Retrieval

Download Now
Provided by: International Association for Cryptologic Research
Topic: Security
Format: PDF
The problem of safely storing client's long-term static keys (e.g., symmetric keys, signature keys for digital signatures or decryption keys for public-key encryptions) can be addressed with credential services (including cloud services or SSO (Single Sign-On)), which also solve many usability constraints for clients. Consider a roaming client who accesses a network from different locations in order to retrieve their static keys (e.g., for temporal use of PKI (Public-Key Infrastructures)). This kind of roaming model can be supported by a credentials server that authenticates the client and then assists in downloading static keys for the client.
Download Now

Find By Topic