Cryptography plays a key role in all the aspects of today cybersecurity and any cryptographic approach relies on cryptographic keys, i.e., series of bits that determine how a plain text is encrypted and decrypted, according to an agreed algorithm. The secrecy and security of an encryption key are thus crucial and fundamental: if the cryptographic key is compromised and known, everyone can decrypt a text encrypted according to the strongest encryption algorithm. As a consequence, several Key Management Systems (KMS) have been developed to easily support the management of cryptographic keys, whose number is constantly increasing, due to the amount of devices and communications that take place today, even in very restricted contexts. SEkey is a key management system developed targeting a distributed environment, where it is possible to identify a single central manager that acts as a Key Distribution Center (KDC) and many users that locally store and manage their own keys. Users, to a certain extent, can also work ‘offline’ without being always in direct communication with the central manager. SEkey is built leveraging the functionalities and physical properties of the SEcubeTM Hardware Security Module (HSM). All the key values and critical information are stored inside the SEcubeTM and never leave the device in clear, and all the cryptographic operations are performed by the SEcubeTM itself. The guidelines provided by NIST where followed during the whole development process, guaranteeing all the most important security features and principles.

SEkey: a distributed hardware-based key management system / Fornero, Matteo; Maunero, Nicolò; Prinetto, Paolo; Varriale, Antonio. - ELETTRONICO. - (2020), pp. 1-7. ((Intervento presentato al convegno 2020 IEEE East-West Design & Test Symposium (EWDTS) tenutosi a Varna (BG) nel September 4-7, 2020 [10.1109/EWDTS50664.2020.9225107].

SEkey: a distributed hardware-based key management system

Maunero, Nicolò;Prinetto, Paolo;
2020

Abstract

Cryptography plays a key role in all the aspects of today cybersecurity and any cryptographic approach relies on cryptographic keys, i.e., series of bits that determine how a plain text is encrypted and decrypted, according to an agreed algorithm. The secrecy and security of an encryption key are thus crucial and fundamental: if the cryptographic key is compromised and known, everyone can decrypt a text encrypted according to the strongest encryption algorithm. As a consequence, several Key Management Systems (KMS) have been developed to easily support the management of cryptographic keys, whose number is constantly increasing, due to the amount of devices and communications that take place today, even in very restricted contexts. SEkey is a key management system developed targeting a distributed environment, where it is possible to identify a single central manager that acts as a Key Distribution Center (KDC) and many users that locally store and manage their own keys. Users, to a certain extent, can also work ‘offline’ without being always in direct communication with the central manager. SEkey is built leveraging the functionalities and physical properties of the SEcubeTM Hardware Security Module (HSM). All the key values and critical information are stored inside the SEcubeTM and never leave the device in clear, and all the cryptographic operations are performed by the SEcubeTM itself. The guidelines provided by NIST where followed during the whole development process, guaranteeing all the most important security features and principles.
978-1-7281-9898-9
File in questo prodotto:
File Dimensione Formato  
SEkey - A Distributed Hardware-based Key Management System.pdf

accesso aperto

Descrizione: Articolo principale
Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: PUBBLICO - Tutti i diritti riservati
Dimensione 283.16 kB
Formato Adobe PDF
283.16 kB Adobe PDF Visualizza/Apri
09225107.pdf

non disponibili

Descrizione: Articolo principale
Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 332.44 kB
Formato Adobe PDF
332.44 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2846368