A calculus for privacy-friendly authentication
Patrik Bichsel, Jan Camenisch, et al.
SACMAT 2012
Encryption keys are sometimes encrypted themselves; doing that properly requires special care. Although it might look like an oversight at first, the broadly accepted formal security definitions for cryptosystems don't allow encryption of key-dependent messages. Furthermore, key-management systems frequently use key encryption or wrapping, which might create dependencies among keys that lead to problems with simple access-control checks. Security professionals should be aware of this risk and take appropriate measures. Novel cryptosystems offer protection for key-dependent messages and should be considered for practical use. Through enhanced access control in key-management systems, you can prevent security-interface attacks. © 2006 IEEE.
Patrik Bichsel, Jan Camenisch, et al.
SACMAT 2012
Christian Cachin, Klaus Kursawe, et al.
Journal of Cryptology
Christian Cachin
EDCC 2017
Christian Cachin
DSN 2001