Presentation | 2017-03-03 A Study on the Secure Sharing of User Authentication Private Keys among Devices Belonging to the Same Owner Hideo Nishimura, Yoshihiko Omori, Takao Yamashita, Tetsuya Iwata, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | In recent authentication based on the public-key cryptography, private keys are generated and kept inside the secure area of a device to prevent a key-theft. When users have multiple devices, this characteristic causes a usability issue that the users have to do re-registration a lot of times (per Web site and per device). In our existing approach, private keys are stored in an external keystore so that the devices can share the keys. However, the existing approach has a risk that the keys can be misused by attacking the keystore that is widely accessible via the Internet. In this paper, we propose an approach for sharing private keys directly among devices. In our new approach, the trusted third party ensures who owns a device by checking identity of the owner and allows key-sharing only among the devices belonging to the same owner. We also conducted a comparative evaluation of usability, deployability, and security of the new and the existing approaches. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Web Authentication / Public Key Cryptography / Password-less / FIDO (Fast Identity Online) |
Paper # | IN2016-172 |
Date of Issue | 2017-02-23 (IN) |
Conference Information | |
Committee | NS / IN |
---|---|
Conference Date | 2017/3/2(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | OKINAWA ZANPAMISAKI ROYAL HOTEL |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | General |
Chair | Hideki Tode(Osaka Pref. Univ.) / Katsunori Yamaoka(Tokyo Inst. of Tech.) |
Vice Chair | Yoshikatsu Okazaki(NTT) / Takuji Kishida(NTT) |
Secretary | Yoshikatsu Okazaki(Kyushu Inst. of Tech.) / Takuji Kishida(NTT) |
Assistant | Shohei Kamamura(NTT) / Kunitake Kaneko(Keio Univ.) / Takashi Natsume(NTT) |
Paper Information | |
Registration To | Technical Committee on Network Systems / Technical Committee on Information Networks |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | A Study on the Secure Sharing of User Authentication Private Keys among Devices Belonging to the Same Owner |
Sub Title (in English) | |
Keyword(1) | Web Authentication |
Keyword(2) | Public Key Cryptography |
Keyword(3) | Password-less |
Keyword(4) | FIDO (Fast Identity Online) |
1st Author's Name | Hideo Nishimura |
1st Author's Affiliation | NTT Corporation(NTT) |
2nd Author's Name | Yoshihiko Omori |
2nd Author's Affiliation | NTT Corporation(NTT) |
3rd Author's Name | Takao Yamashita |
3rd Author's Affiliation | NTT Corporation(NTT) |
4th Author's Name | Tetsuya Iwata |
4th Author's Affiliation | NTT Corporation(NTT) |
Date | 2017-03-03 |
Paper # | IN2016-172 |
Volume (vol) | vol.116 |
Number (no) | IN-485 |
Page | pp.pp.449-454(IN), |
#Pages | 6 |
Date of Issue | 2017-02-23 (IN) |