OpenHSM: An Open Key Life Cycle Protocol for Public Key Infrastructure’s Hardware Security Modules

Martina, Jean Everson; Souza, Túlio Cicero Salvaro de; Custódio, Ricardo Felipe

doi:10.1007/978-3-540-73408-6_16

Cited by 11 publications

(19 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Martina et al [15] proposed an open protocol targeted at secure private key management within hardware security modules (HSMs). The authors argued that such security modules protect the private key against attacks that involve logical and physical tampering or even the extraction of sensitive information from the protected area.…”

Section: Related Workmentioning

confidence: 99%

“…Sensor A tampering attempt transmission Sensor B tampering attempt transmission (15) (11) (5) (4) study of this system was carried out in Kazienko et al [6]. In such work, it was presented a mathematical analysis and small-scale experiments in order to measure what is the processing overhead due to the application of SENSORLock in communications between sensors.…”

Section: Broadcast Key Distributionmentioning

confidence: 99%

See 1 more Smart Citation

On the Performance of a Secure Storage Mechanism for Key Distribution Architectures in Wireless Sensor Networks

Kazienko

Filho

Moraes

et al. 2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

Security in wireless sensor networks (WSNs) demands efficient key management schemes. In particular, one of the main research challenges is to ensure secure key storage by sensors due to their constrained resources and high exposure to tampering attempts. To address this issue, we have proposed SENSORLock, a secure key storage mechanism which can be applied to different key distribution architectures for WSNs. In this work, we evaluate SENSORLock through different study cases considering three key distribution architectures: TinySec, SPINS, and NCD. Our goal is to demonstrate its feasibility in large-scale sensor networks. Simulation results indicate that our mechanism introduces an average overhead of 1.9% in terms of end to end delay and provides a similar estimated power consumption compared to the aforementioned architectures. Hence, we argue that it is feasible to use SENSORLock (i) in large-scale sensor networks and (ii) under different key distribution schemes.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Broadcast Key Distributionmentioning

confidence: 99%

On the Performance of a Secure Storage Mechanism for Key Distribution Architectures in Wireless Sensor Networks

Kazienko

Filho

Moraes

et al. 2015

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

show abstract

“…As already exposed in section 1, this work is directly derived from the work by Martina [13] in the effort of establishing an open protocol to run embedded in HSMs. The protocols proposed by Martina in his work are used to create a liable environment to store our private keys for PKI usage.…”

Section: Related Workmentioning

confidence: 99%

“…To authenticate, the algorithm authenticateGroup uses a nonce u in order to avoid Dolev-Yao's replay attack [6] as explained by Martina [13].…”

Section: Basic Algorithmsmentioning

confidence: 99%

See 1 more Smart Citation

Audit and backup procedures for hardware security modules

Souza¹,

Martina

Custódio³

2008

Proceedings of the 7th Symposium on Identity and Trust on the Internet

Self Cite

View full text Add to dashboard Cite

Hardware Security Modules (HSMs) are an useful tool to deploy public key infrastructure (PKI) and its applications. This paper presents necessary procedures and protocols to perform backup and audit in such devices when deployed in PKIs. These protocols were evaluated in an implementation of a real HSM, enabling it to perform secure backups and to provide an audit trail, two important considerations for a safe PKI operation. It also introduces a ceremony procedure to support the operation of such HSMs in a PKI environment.

show abstract

SENSORLock: a lightweight key management scheme for wireless sensor networks

Kazienko

Ribeiro

Moraes

et al. 2013

Security Comm Networks

View full text Add to dashboard Cite

Security in wireless sensor networks demands an efficient key management scheme. As sensors typically operate unattended, it becomes quite important to ensure security to cryptographic keys stored in their memories. In this scenario, the development of lightweight encryption mechanisms is a challenge because of sensor‐constrained resources. In this work, we present a mechanism tailored to sensor networks called SENSORLock applying it to a specific case. Our main contribution is to propose, analyze, and demonstrate the feasibility of SENSORLock for secure symmetric key distribution solving the stored key exposure problem. Analytical results demonstrate that this approach increases the system's security against the tampering of sensor nodes. Additionally, the mechanism is evaluated using simulation and practical experiments, using the TinyOS platform. Simulation results reveal that this scheme introduces very low processing overhead, in the order of nanoseconds, and an estimated power consumption quite similar to existing approaches. Besides, practical experiments indicate that the scheme can be deployed by off‐the‐shelf sensors, such as MicaZ and TelosB. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

OpenHSM: An Open Key Life Cycle Protocol for Public Key Infrastructure’s Hardware Security Modules

Cited by 11 publications

References 7 publications

On the Performance of a Secure Storage Mechanism for Key Distribution Architectures in Wireless Sensor Networks

On the Performance of a Secure Storage Mechanism for Key Distribution Architectures in Wireless Sensor Networks

Audit and backup procedures for hardware security modules

SENSORLock: a lightweight key management scheme for wireless sensor networks

Contact Info

Product

Resources

About