How to Recover a Cryptographic Secret From the Cloud

David Adei; Chris Orsini; Alessandra Scafuro; Tanner Verber

Paper 2023/1308

How to Recover a Cryptographic Secret From the Cloud

David Adei, North Carolina State University

Chris Orsini, North Carolina State University

Alessandra Scafuro, North Carolina State University

Tanner Verber, North Carolina State University

Abstract

Clouds have replaced most local backup systems as they offer strong availability and reliability guarantees. Clouds, however, are not (and should not be) used as backup for cryptographic secrets. Cryptographic secrets might control financial assets (e.g., crypto wallets), hence, storing such secrets on the cloud corresponds to sharing ownership of the financial assets with the cloud, and makes the cloud a more attractive target for insider attacks. Can we have the best of the two worlds, where a user, Alice, can conveniently store a copy of her cryptographic secrets on the cloud and she is the only one who can recover them (without trusting any entity)? Can she do so even when she loses her devices and forgets all credentials, while at the same time retaining full ownership of her secrets? In this paper, we provide a cloud-based secret-recovery mechanism where confidentiality is always guaranteed when Alice has not lost her credentials, even in the presence of a malicious cloud. If Alice loses all her credentials, she can still recover her secrets (in most circumstances). This is in contrast with all previous work that relies on the assumption that Alice remembers some authentication secret. We prove our system secure in the Universally Composable framework. Further, we implement our protocols and evaluate their performance.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint.
Keywords: Key Management Blockchain Public-key Cryptography Symmetric-key Cryptography TEE
Contact author(s): dahmed @ ncsu edu
crorsini @ ncsu edu
ascafur @ ncsu edu
tverber @ ncsu edu
History: 2024-05-21: revised; 2023-09-01: received; See all versions
Short URL: https://ia.cr/2023/1308
License: CC BY

BibTeX

@misc{cryptoeprint:2023/1308,
      author = {David Adei and Chris Orsini and Alessandra Scafuro and Tanner Verber},
      title = {How to Recover a Cryptographic Secret From the Cloud},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1308},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1308}},
      url = {https://eprint.iacr.org/2023/1308}
}