Segregating Keys from noncense: Timely Exfil of Ephemeral Keys from Embedded Systems

Debes, Heini Bergsson; Giannetsos, Thanassis

doi:10.1109/dcoss52077.2021.00029

Cited by 1 publication

(1 citation statement)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since it is only the Holder (as the Identity Owner) that knows the (private) key associated with a DID, the level of control and credential management assurance relies solely on possessing and controlling the private key, which in current designs is a software-based key. However, the use of a software keystore introduces many security risks and raises trustworthiness issues [5], [6]. So the above challenge translates into the more technical question: How can a Verifier be sure that the respective key of the Holder presenting a VC remains under her control, and cannot be used by any other unauthorized entity?…”

Section: Introductionmentioning

confidence: 99%

Achieving Higher Level of Assurance in Privacy Preserving Identity Wallets

Larsen,

El Kassem,

Giannetsos

et al. 2023

2023 IEEE 22nd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)

Self Cite

View full text Add to dashboard Cite

Recent advances in decentralized digital identity based on Verifiable Credentials utilize identity wallets to ensure that the identity data control remains with the user. However, they still lack higher Level of Assurance guarantees, restricting their full potential. In this paper, we design and showcase DOOR, a scheme that enables identity wallets to utilize a hardware root of trust and bring them in alignment with emerging regulations and standards that require higher level of assurances for services (e.g. eIDAS). At the same time, we make sure that privacy-enhancing properties like selective-disclosure are fully supported, in order to make the wallet compliant with privacy regulations (e.g. GDPR). To achieve all these we have designed an enhanced variant of DAA-A crypto protocol to offer anonymity, unlinkability, and unforgeability, while being the first to offer strong guarantees on the Wallet's integrity when constructing attribute attestations. We formally prove the security properties of DOOR and evaluate the performance of its implementation for every phase of the credential management.

show abstract

Section: Introductionmentioning

confidence: 99%