Cryptology ePrint Archive: Report 2013/629

Secure Key Management in the Cloud

Ivan Damgård and Thomas P. Jakobsen and Jesper Buus Nielsen and Jakob I. Pagter

Abstract: We consider applications involving a number of servers in the cloud that go through a sequence of online periods where the servers communicate, separated by offline periods where the servers are idle. During the offline periods, we assume that the servers need to securely store sensitive information such as cryptographic keys. Applications like this include many cases where secure multiparty computation is outsourced to the cloud, and in particular a number of online auctions and benchmark computations with confidential inputs. We consider fully autonomous servers that switch between online and offline periods without communicating with anyone from outside the cloud, and semi-autonomous servers that need a limited kind of assistance from outside the cloud when doing the transition. We study the levels of security one can - and cannot - obtain in this model, propose light-weight protocols achieving maximal security, and report on their practical performance.

Category / Keywords: cryptographic protocols / applications,key management,secret sharing,threshold cryptography

Original Publication (with major differences): 14th IMA Conference on Cryptography and Coding (IMA CC 2013)

Date: received 30 Sep 2013

Contact author: tpj at cs au dk

Available format(s): PDF | BibTeX Citation

Version: 20130930:171048 (All versions of this report)

Short URL: ia.cr/2013/629

Discussion forum: Show discussion | Start new discussion