The proactive security toolkit and applications

Boaz Barak, Amir Herzberg, Dalit Naor, Eldad Shai
1999 Proceedings of the 6th ACM conference on Computer and communications security - CCS '99  
Existing security mechanisms focus on prevention of penetrations, detection of a penetration and (manual) recovery tools. Indeed, attackers focus their penetration efforts on breaking into critical modules, and on avoiding detection of the attack. As a result, security tools and procedures may cause the attackers to lose control over a specific module (computer, account), since the attacker would rather lose control than risk detection of the attack. While controlling the module, the attacker may ... critical secret information or modify the module to make it much easier for the attacker to regain control over that module later. Recent results in cryptography give some hope of improving this situation; they show that many fundamental security tasks can be achieved with proactive security. Proactive security does not assume that there is any module completely secure against penetration. Instead, we assume that at any given time period (day, week, ...), a sufficient number of the modules in the system are secure (not penetrated). The results obtained so far include some of the most important cryptographic primitives such as signatures, secret sharing, and secure communication. However, there was no usable implementation, and several critical issues (for actual use) were not addressed. In this work we report on a practical toolkit implementing the key proactive security mechanisms. The toolkit provides secure interfaces to make it easy for applications to recover from penetrations. The toolkit also addresses other critical implementation issues, such as the initialization of the proactive secure system. We describe the toolkit and discuss some of the potential applications. Some applications require minimal enhancements to the existing implementations - e.g. for secure logging (especially for intrusion detection), secure end-to-end communication and timestamping. Other applications require more significant enhancements, mainly distribution over multiple servers; examples are certification authority, key recovery, and secure file system or archive.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. CCS '99 11/99 Singapore © 1999 ACM 1-58113-148-8/99/0010 $5.00
doi:10.1145/319709.319713 dblp:conf/ccs/BarakHNS99 fatcat:6hmvurp7urdgff6tg4tnplsj4q