TY - GEN
T1 - Quantum cryptography for the benefit of API keys safety
AU - Ramadhan Ghilen, Aymen
AU - Mohamed Zahou, Amel
AU - Abedelmonem Ben Khalifa, Wiem
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
AB - To cope with the unauthorized access to the cloud treasure of resources and services, several cloud service providers implement the API-based access control approach and grant thus a full authentication of any client application. Once called, each cloud API (Application Programming Interface) is required to authenticate through a secret access key, commonly termed API key. A plethora of security risks is associated with these keys whether during their generation, storage, or utilization. The hardware secure element-based proposal aims for an end-to-end security between a cloud service provider and a client application. To ensure a reliable and secure API key exchange, the concerned entities rely on Public Key Infrastructure (PKI). As soon as an adversary acquires an unbounded computing power, it would be easy to intercept the keys and then unlock the gate behind the valuables over the cloud. In this paper, we propose a revised scheme that discards the PKI and installs a quantum mechanism to mutually authenticate the secure element and the cloud service provider by establishing a set of shared keys. A pioneering absolute security of the presented approach is warranted by the principles of quantum physics. To analyze the security of the quantum technology, we establish a formal verification based on PRISM model checking tool. We outstandingly focus on satisfying two prominent properties: (i) both the parties engaged in the quantum protocol are able to detect any disallowed eavesdropping and (ii) the valid amount of information caught by an adversary on the installed key must be negligible.
KW - API keys
KW - Authentication
KW - Cloud API
KW - PRISM
KW - Quantum cryptography
UR - https://www.scopus.com/pages/publications/85139064328
U2 - 10.1109/SETIT54465.2022.9875712
DO - 10.1109/SETIT54465.2022.9875712
M3 - Conference contribution
AN - SCOPUS:85139064328
T3 - 2022 IEEE 9th International Conference on Sciences of Electronics, Technologies of Information and Telecommunications, SETIT 2022
SP - 343
EP - 348
BT - 2022 IEEE 9th International Conference on Sciences of Electronics, Technologies of Information and Telecommunications, SETIT 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 9th IEEE International Conference on Sciences of Electronics, Technologies of Information and Telecommunications, SETIT 2022
Y2 - 28 May 2022 through 30 May 2022
ER -