Exploiting social networks for threshold signing: Attack-resilience vs. availability

Shouhuai Xu, Xiaohu Li, Paul Parker

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

11 Scopus citations

Abstract

Digital signatures are an important security mechanism, especially when non-repudiation is desired. However, non-repudiation is meaningful only when the private signing keys and functions are adequately protected - - an assumption that is very difficult to accommodate in the real world because computers (and thus cryptographic keys and functions) could be relatively easily compromised. One approach to resolving, or at least alleviating, this problem is to use threshold cryptography. But how should such techniques be employed in the real world? In this paper we propose exploiting social networks whereby average users take advantage of their trusted ones to help secure their cryptographic keys. While the idea is simple from an individual user's perspective, we aim to understand the resulting systems from a whole-system perspective. Specifically, we propose and investigate two measures of the resulting systems: attack-resilience, which captures the security consequences due to the compromise of some computers and thus the compromise of the cryptographic key shares stored on them; availability, which captures the effect when computers are not always responsive (due to the peer-to-peer nature of social networks).

Original languageEnglish
Title of host publicationProceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08
Pages325-336
Number of pages12
DOIs
StatePublished - 2008
Event2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08 - Tokyo, Japan
Duration: 18 Mar 200820 Mar 2008

Publication series

NameProceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08

Conference

Conference2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS '08
Country/TerritoryJapan
CityTokyo
Period18/03/0820/03/08

Keywords

  • Attack-resilience
  • Availability
  • Social networks
  • Threshold cryptography
  • Threshold signing

Fingerprint

Dive into the research topics of 'Exploiting social networks for threshold signing: Attack-resilience vs. availability'. Together they form a unique fingerprint.

Cite this