Paper 2018/389
Distributed SSH Key Management with Proactive RSA Threshold Signatures
Yotam Harchol, Ittai Abraham, and Benny Pinkas
Abstract
SSH is a secure network protocol that uses public key cryptography for client authentication. SSH connections are designed to run between a client and a server, and therefore in enterprise networks there is no centralized monitoring of all SSH connections. An attractive method for enforcing such centralized control, audit or even revocation is to require all clients to access a centralized service in order to obtain their SSH keys. The benefits of centralized control come with new challenges in security and availability.
In this paper we present ESKM - a distributed enterprise SSH key manager. ESKM is a secure and fault-tolerant logically-centralized SSH key manager. ESKM leverages
Metadata
- Available format(s): PDF
- Category: Public-key cryptography
- Publication info: Published elsewhere. Major revision. ACNS 2018
- Keywords: distributed cryptography, implementation, RSA, secret sharing, threshold cryptography
- Contact author(s): yotamhc @ cs huji ac il
- History: 2018-05-01: received
- Short URL: https://ia.cr/2018/389
- License: CC BY
BibTeX
@misc{cryptoeprint:2018/389,
  author = {Yotam Harchol and Ittai Abraham and Benny Pinkas},
  title = {Distributed {SSH} Key Management with Proactive {RSA} Threshold Signatures},
  howpublished = {Cryptology {ePrint} Archive, Paper 2018/389},
  year = {2018},
  url = {https://eprint.iacr.org/2018/389}
}