Your browser does not support JavaScript!

RASSS: a hijack-resistant confidential information management scheme for distributed systems

RASSS: a hijack-resistant confidential information management scheme for distributed systems

For access to this article, please select a purchase option:

Buy article PDF
(plus tax if applicable)
Buy Knowledge Pack
10 articles for $120.00
(plus taxes if applicable)

IET members benefit from discounts to all IET publications and free access to E&T Magazine. If you are an IET member, log in to your account and the discounts will automatically be applied.

Learn more about IET membership 

Recommend Title Publication to library

You must fill out fields marked with: *

Librarian details
Your details
Why are you recommending this title?
Select reason:
IET Computers & Digital Techniques — Recommend this title to your library

Thank you

Your recommendation has been sent to your librarian.

In distributed systems there is often a need to store and share sensitive information (e.g., encryption keys, digital signatures, login credentials etc.) among the devices. It is also generally the case that this piece of information cannot be entrusted to any individual device since the malfunction or compromising of one node could jeopardize the security of the entire system. Even if the information is split among the devices, there is still a risk when an attacker can compromise a group of them. Therefore we have designed and implemented a secure and robust secret sharing scheme to enable a more resilient sharing of confidential information. This solution provides three important features: (i) it uses threshold secret sharing to split the information into shares to be kept by all devices in the system; so the information can only be retrieved collaboratively by groups of devices; (ii) it guarantees the privacy of the confidential information under a certain number of passive hijacking attacks; and (iii) it ensures the integrity of the confidential information against any number of hijackers who actively and collusively attack the devices. It is able to identify all the compromised devices, while still keeping the secret unforgeable to attackers.

Related content

This is a required field
Please enter a valid email address