We asked this question last year during an interesting discussion on how to securely store and use cryptographic keys on arbitrary devices and platforms, such as mobile devices, desktop PCs, laptops or web browsers. Current solutions are based on smartcards, NFC tokens, dedicated hardware security modules, secure micro SD cards or special SIM cards. Although these solutions are considered secure, each of them is available only on a limited number of platforms: smartcards can be used on desktop devices with the appropriate smartcard readers, SIM cards on mobile devices, and secure SD cards on a limited number of mobile devices. Apart from securely storing and using the keys, there remains the problem of key distribution: how do you transfer a key from one device to another? Finding the answer to that question typically involves a compromise between security and usability, which in most cases is not acceptable.
Thus, over the last year we have concentrated on storing the keys in the cloud and providing cryptographic functions that use those keys over a simple JSON-based protocol, which can be used from arbitrary devices and platforms (even the web browser). The term cloud can refer to both public and private clouds; the latter is the most likely scenario and involves the deployment of central hardware security elements for securely storing the keys.
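The idea of keeping the key at the service and exposing only operations on it over JSON can be sketched as follows. This is an added example, not the project's protocol or code: the message fields (`op`, `key_id`, `data`, `tag`), the function names and the key store are hypothetical, and HMAC-SHA256 stands in for whatever cryptographic functions the real service offers. Caller authentication and transport security are assumed to be handled elsewhere.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed key store: key material exists only on the service side.
# In the deployment the post describes, a hardware security element holds it.
_KEYS = {"demo-key-1": secrets.token_bytes(32)}
_ALLOWED_OPS = {"mac", "verify"}  # allow-list: there is no "export" operation


def _error(reason):
    return json.dumps({"status": "error", "reason": reason})


def handle_request(raw):
    """Service side: validate a JSON request, run the operation, reply in JSON."""
    try:
        req = json.loads(raw)
        op, key_id = req["op"], req["key_id"]
        if not isinstance(op, str) or not isinstance(key_id, str):
            raise TypeError("op and key_id must be strings")
        data = base64.b64decode(req["data"], validate=True)
        claimed = base64.b64decode(req.get("tag", ""), validate=True)
    except (ValueError, KeyError, TypeError, AttributeError):
        return _error("malformed request")
    if op not in _ALLOWED_OPS:
        return _error("unsupported operation")
    key = _KEYS.get(key_id)
    if key is None:
        return _error("unknown key")
    tag = hmac.new(key, data, hashlib.sha256).digest()
    if op == "mac":
        return json.dumps({"status": "ok", "tag": base64.b64encode(tag).decode()})
    # Constant-time comparison so response timing does not leak tag bytes.
    return json.dumps({"status": "ok", "valid": hmac.compare_digest(tag, claimed)})


def client_call(op, key_id, data, tag=None):
    """Client side: knows only the key identifier, never the key bytes."""
    req = {"op": op, "key_id": key_id, "data": base64.b64encode(data).decode()}
    if tag is not None:
        req["tag"] = tag
    # A real client would send this over an authenticated channel.
    return json.loads(handle_request(json.dumps(req)))
```

Because the client holds only a key identifier, moving to another device means re-authenticating to the service rather than copying key material.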
The project was carried out as a research project by students and IAIK employees and involved bachelor/master theses, internships, practical parts of the Advanced Computer Networks lecture and IAIK projects.
The current state of the project will be presented on December 18th at the IAIK. Apart from the live demos that will highlight the technical details of the projects, we will discuss how applied research is carried out at the IAIK by a very promising collaboration of students and employees.
