Adaptive Cryptographic Access Control

DOI: 10.1007/978-1-4419-6655-1 Publisher: Springer, ISBN: 978-0-387-77265-3
Source: DBLP
  • Source
    [Show abstract] [Hide abstract]
    ABSTRACT: Nowadays, cryptographic devices are widely used, so how to assess the security of them becomes a pivotal issue. There are two conventional ways to do this, by analyzing the underlying cryptographic protocols or by estimating if the devices meet standards such as FIPS 140-2 or Common Criteria Standard Documents. However, neither of them provides a comprehensive view of the security of the devices. In this paper, we first propose a bottom-up method to prove the UC (Universally Composable) security of the cryptographic devices composed by hardware, software and protocols, and give a general security framework of them. Base on the framework, we present a method that describes the local physical security of cryptographic SoC hardware as UC security. Then we establish the equivalence of software codes and the real-world models in the condition of “Exactly Realize”, which illustrate the UC security of software. Besides, we propose methods to construct UC secure cryptographic modules from UC secure cryptographic SoC and a further method to construct UC secure cryptographic devices. Furthermore, based on the idea of bottom-up, we can develop new UC secure cryptographic devices which are more powerful by the combination of the existed UC secure cryptographic devices.
    Information Security Practice and Experience - 7th International Conference, ISPEC 2011, Guangzhou, China, May 30 - June 1, 2011. Proceedings; 01/2011