On the difficulty of protecting private keys in software

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)


This paper makes simple observation on security of the networked cryptographic device resilient to capture that was developed to protect user’s private keys by software-only techniques. That scheme provided valuable features for secure generation of digital signatures or decryption of messages in a way of retaining a password-protected private key in a user-controlled device. The key idea was to exploit network connectivity rather than tamper-resistance of the device for securing the private key in software. However, we have found a few weak points that are not negligible in some sense. It was difficult to protect the private key in software even with provable security. So, we will describe such difficulties and provide possible solutions in this paper. Also the networked cryptographic devices will be augmented in that fashion.

Original languageEnglish
Title of host publicationInformation Security - 5th International Conference, ISC 2002, Proceedings
EditorsAgnes Hui Chan, Virgil Gligor
PublisherSpringer Verlag
Number of pages15
ISBN (Print)3540442707, 9783540442707
Publication statusPublished - 2002
Event5th International Conference on Information Security, ISC 2002 - Sao Paulo, Brazil
Duration: 2002 Sept 302002 Oct 2

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other5th International Conference on Information Security, ISC 2002
CitySao Paulo

Bibliographical note

Publisher Copyright:
© Springer-Verlag Berlin Heidelberg 2002.

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'On the difficulty of protecting private keys in software'. Together they form a unique fingerprint.

Cite this