A secure multi-party scheme with certificateless cryptography for secret key extraction
Abstract: Many systems contain sensitive data such as user credentials used for authentication purposes. For large systems, a common approach is to store the data in a configuration file at a trusted third party. However, that would imply a single point of failure if an adversary gains access to the trusted party. In theory this could be solved by encrypting the data but in practice this only moves the problem and does not solve it, since some type of credential data is needed to decrypt the configuration file. A more flexible solution is needed that requires less of human interaction while also providing a higher degree of security. This thesis proposes a complete cryptographical system for solving this problem in a typical enterprise setting with a set of additional implementation requirements by using multi-party computation and Shamir's secret sharing protocol. Additionally, the work combines the mentioned system with a certificateless cryptography based multi-party computation protocol, since certificates usually implies a time-consuming process. The system has been evaluated in terms of security and efficiency with the conclusion that the results look promising. In terms of performance, the bulk of the overhead comes from certificateless cryptography, a constraint for the specific scenario which might not be present in general. The work also provides incentives for developing and further evolving Java libraries for cryptography, especially for multi-party computation and certificateless cryptography.
AT THIS PAGE YOU CAN DOWNLOAD THE WHOLE ESSAY. (follow the link to the next page)