Abstract
The rise of decentralized identity systems has posed significant challenges in the secure and scalable management of keys, especially in large-scale national identity programs. In this paper, we propose a new secure and scalable framework for cryptographic key management that may be applied in a national digital identity system. The proposed framework provides a hierarchical structure for efficient key generation and isolation, while hardware security modules provide a secure environment for key storage and operations. Key wrapping is implemented to enable secure external storage of large volumes of keys. In our work, we present a comprehensive security analysis. Our analysis demonstrates the resilience of the framework against various threat vectors and its ability to address key management challenges such as complexity, scalability, security isolation, recovery and secure delegation. The proposed framework provides a promising solution for the security and scalability of national-level identity systems.
Original language | English |
---|---|
Title of host publication | 2024 17th International Conference on Security of Information and Networks, SIN 2024 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
ISBN (Electronic) | 9798331509736 |
Publication status | Published - 2024 |
Event | 17th International Conference on Security of Information and Networks, SIN 2024 - Sydney, Australia. Duration: 2 Dec 2024 → 4 Dec 2024 |
Publication series
Name | 2024 17th International Conference on Security of Information and Networks, SIN 2024 |
---|---|
Conference
Conference | 17th International Conference on Security of Information and Networks, SIN 2024 |
---|---|
Country/Territory | Australia |
City | Sydney |
Period | 2/12/24 → 4/12/24 |
Bibliographical note
Publisher Copyright: © 2024 IEEE.
Keywords
- BIP32
- decentralized identity
- hardware security modules
- key management
- key wrapping