Abstract | ||
---|---|---|
The main duty of key management is to keep cryptographic keys in secret. However, it is difficulty to quantitatively assess that how well does a key management scheme protect the keys. In this paper, we propose to use reliability theory, which was mainly used to evaluate performance persistence for engineering systems, to estimate the performance of key management schemes. The reliability analysis leads to counter-intuitive results such as the widely deployed periodic key update scheme is ineffective when key thefts are possible. The analysis also shows that using password with an electronic security token for authentication is a strong security measure in the beginning but is unreliable in the long run. In general, the reliability analysis demonstrates that current key management schemes focus too much on postponing the first key theft from occurring but lack of considerations on quickly recovering stolen keys. In the later part of this paper, we discuss possible directions that may improve the reliability of key management schemes. |
Year | DOI | Venue |
---|---|---|
2014 | 10.1109/ICC.2014.6883450 | ICC |
Keywords | Field | DocType |
cryptographic key management,stolen keys,private key cryptography,reliability analysis,engineering systems,electronic security token,authentication,telecommunication network management,counter-intuitive results,periodic key update scheme,reliability theory,key management scheme,key thefts,availability,reliability engineering | Key distribution,Key management,Key generation,Static key,Key exchange,Computer science,Computer security,Computer network,Public-key cryptography,Cryptographic key types,Key (cryptography) | Conference |
ISSN | Citations | PageRank |
1550-3607 | 0 | 0.34 |
References | Authors | |
13 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Sheng Xiao | 1 | 17 | 3.23 |
Weibo Gong | 2 | 3225 | 250.70 |
Don Towsley | 3 | 18693 | 1951.05 |
Qingquan Zhang | 4 | 0 | 2.70 |
Ting Zhu | 5 | 214 | 12.32 |