Mission Impossible: Securing Master Keys

Hannes Salin; Dennis Fokin

arXiv:2107.00580·cs.CR·July 2, 2021

Mission Impossible: Securing Master Keys

Hannes Salin, Dennis Fokin

PDF

Open Access 1 Repo

TL;DR

This paper discusses the inherent challenges in securing master keys, reviews emerging cryptographic solutions, and offers guidelines to maximize security against powerful adversaries.

Contribution

It provides an overview of cryptographic approaches and proposes practical guidelines for enhancing master key security, emphasizing that complete security is unattainable.

Findings

01

Cryptography is increasingly used to secure master keys.

02

Complete security of master keys is impossible, but security can be maximized.

03

Guidelines can help improve master key protection.

Abstract

Securing a secret master key is a non-trivial task, we even argue it is impossible to fully secure it, hence we must make it as difficult as possible for any powerful adversary to steal or use the key. We introduce the reader to interesting cryptography which is starting to get more attention in terms of addressing the above problem, and we briefly overview some commercial and open-source products that can be used. Finally, we propose a set of solutions on how to secure master keys, more as guidelines rather than exact technical specifications, with aim to inspire and raise awareness of how to increase the security as much as possible.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Code & Models

Repositories

hannessalin/hannessalin.github.io
none

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsCryptography and Data Security · Cryptographic Implementations and Security · Cloud Data Security Solutions