CrySIL: Bringing Crypto to the Modern User

Florian Reimair, Peter Teufl, Thomas Zefferer

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in Buch/BerichtBegutachtung

Abstract

Modern times introduced a highly heterogeneous device landscape. The landscape was populated by distributed applications. These applications are used by modern multi-device users. A modern user wants to create, process, and share potentially sensitive data among her devices. For instance, start a document at the smart phone, continue on the laptop and finish the document on a tablet. A common way to protect sensitive data against disclosure and theft is cryptography. Cryptography, however, requires for all devices in question to be able to perform appropriate operations and protect the subsequent cryptographic primitives against attacks. Unfortunately, different devices have different capabilities when it comes to cryptography. Some have hardware-backed solutions available, some cannot do any cryptography at all. In general, it is hard to provide adequate (and potentially equal) cryptographic methods on every device of the modern landscape – be it rather basic and well-known schemes or new methodologies that are long awaited to stand the challenges of the cloud. In order to tackle the above mentioned status and bring cryptography to the modern multi-device user, we present CrySIL, the Cryptographic Service Interoperability Layer. CrySIL is designed as a flexible and extensible layer between the user and the cryptographic primitive. In a nutshell, CrySIL can use local key storage solutions, offers remote key storage and crypto provider deployments, and features strong authentication methodologies to constrain access to cryptographic primitives. In this work, we explain the motivation of CrySIL, describe its architecture, highlight its deployment in a typical modern use case, and reflect on achievements and shortcomings.
Originalspracheenglisch
TitelWeb Information Systems and Technologies
Untertitel11th International Conference, WEBIST 2015, Lisbon, Portugal, May 20-22, 2015, Revised Selected Papers
Redakteure/-innenValérie Monfort, Karl-Heinz Krempels, Tim A. Majchrzak, Ẑiga Turk
Herausgeber (Verlag)Springer
Seiten70-90
Seitenumfang20
Auflage1
ISBN (elektronisch)978-3-319-30996-5
ISBN (Print)978-3-319-30995-8
DOIs
PublikationsstatusVeröffentlicht - 22 März 2016

Publikationsreihe

NameLecture Notes in Business Information Processing
Herausgeber (Verlag)Springer International Publishing
Band246
ISSN (elektronisch)1865-1348

Fields of Expertise

  • Information, Communication & Computing
  • A-SIT - Zentrum für sichere Informationstechnologie Austria

    Stranacher, K., Dominikus, S., Leitold, H., Marsalek, A., Teufl, P., Bauer, W., Aigner, M. J., Rössler, T., Neuherz, E., Dietrich, K., Zefferer, T., Mangard, S., Payer, U., Orthacker, C., Lipp, P., Reiter, A., Knall, T., Bratko, H., Bonato, M., Suzic, B., Zwattendorfer, B., Kreuzhuber, S., Oswald, M. E., Tauber, A., Posch, R., Bratko, D., Feichtner, J., Ivkovic, M., Reimair, F., Wolkerstorfer, J. & Scheibelhofer, K.

    21/05/996/08/20

    Projekt: Arbeitsgebiet

Dieses zitieren