Paper 2023/1308

How to Recover a Cryptographic Secret From the Cloud

David Adei, North Carolina State University
Chris Orsini, North Carolina State University
Alessandra Scafuro, North Carolina State University
Tanner Verber, North Carolina State University
Abstract

Clouds have replaced most local backup systems as they offer strong availability and reliability guarantees. Clouds, however, are not (and should not be) used as backup for cryptographic secrets. Cryptographic secrets might control financial assets (e.g., crypto wallets), hence, storing such secrets on the cloud corresponds to sharing ownership of the financial assets with the cloud, and makes the cloud a more attractive target for insider attacks. Can we have the best of the two worlds, where a user, Alice, can conveniently store a copy of her cryptographic secrets on the cloud and she is the only one who can recover them (without trusting any entity)? Can she do so even when she loses her devices and forgets all credentials, while at the same time retaining full ownership of her secrets? In this paper, we provide a cloud-based secret-recovery mechanism where confidentiality is always guaranteed when Alice has not lost her credentials, even in the presence of a malicious cloud. If Alice loses all her credentials, she can still recover her secrets (in most circumstances). This is in contrast with all previous work that relies on the assumption that Alice remembers some authentication secret. We prove our system secure in the Universally Composable framework. Further, we implement our protocols and evaluate their performance.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Key ManagementBlockchainPublic-key CryptographySymmetric-key CryptographyTEE
Contact author(s)
dahmed @ ncsu edu
crorsini @ ncsu edu
ascafur @ ncsu edu
tverber @ ncsu edu
History
2024-05-21: revised
2023-09-01: received
See all versions
Short URL
https://ia.cr/2023/1308
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1308,
      author = {David Adei and Chris Orsini and Alessandra Scafuro and Tanner Verber},
      title = {How to Recover a Cryptographic Secret From the Cloud},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1308},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1308}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.