TY - CHAP
T1 - Privacy enhancements for hardware-based security modules
AU - Pasupathinathan, Vijayakrishnan
AU - Pieprzyk, Josef
AU - Wang, Huaxiong
PY - 2011
Y1 - 2011
N2 - The increasing growth in the use of Hardware Security Modules (HSMs) towards identification and authentication of a security endpoint have raised numerous privacy and security concerns. HSMs have the ability to tie a system or an object, along with its users to the physical world. However, this enables tracking of the user and/or an object associated with the HSM. Current systems do not adequately address the privacy needs and as such are susceptible to various attacks. In this work, we analyse various security and privacy concerns that arise when deploying such hardware security modules and propose a system that allow users to create pseudonyms from a trusted master public-secret key pair. The proposed system is based on the intractability of factoring and finding square roots of a quadratic residue modulo a composite number, where the composite number is a product of two large primes. Along with the standard notion of protecting privacy of an user, the proposed system offers colligation between seemingly independent pseudonyms. This new property when combined with HSMs that store the master secret key is extremely beneficial to a user, as it offers a convenient way to generate a large number of pseudonyms using relatively small storage requirements.
AB - The increasing growth in the use of Hardware Security Modules (HSMs) towards identification and authentication of a security endpoint have raised numerous privacy and security concerns. HSMs have the ability to tie a system or an object, along with its users to the physical world. However, this enables tracking of the user and/or an object associated with the HSM. Current systems do not adequately address the privacy needs and as such are susceptible to various attacks. In this work, we analyse various security and privacy concerns that arise when deploying such hardware security modules and propose a system that allow users to create pseudonyms from a trusted master public-secret key pair. The proposed system is based on the intractability of factoring and finding square roots of a quadratic residue modulo a composite number, where the composite number is a product of two large primes. Along with the standard notion of protecting privacy of an user, the proposed system offers colligation between seemingly independent pseudonyms. This new property when combined with HSMs that store the master secret key is extremely beneficial to a user, as it offers a convenient way to generate a large number of pseudonyms using relatively small storage requirements.
UR - http://www.scopus.com/inward/record.url?scp=84872119980&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-20077-9_16
DO - 10.1007/978-3-642-20077-9_16
M3 - Chapter
AN - SCOPUS:84872119980
SN - 9783642200762
T3 - Communications in Computer and Information Science
SP - 224
EP - 236
BT - e-Business and Telecommunications
A2 - Obaidat, Mohammad S.
A2 - Filipe, Joaquim
PB - Springer, Springer Nature
CY - Heidelberg
T2 - 6th International Joint Conference on e-Business and Telecommunications, ICETE 2009
Y2 - 7 July 2009 through 10 July 2009
ER -