การเปรียบเทียบประสิทธิภาพของระบบกู้คืนกุญแจลับแบบหลายเอเจนต์ที่ไม่อาศัยศูนย์กลาง  ระหว่าง IHADM-KRS และ SSDM-KRS

Kanokwan Kanyamee; Jumroon Chankulchorn

Authors

Kanokwan Kanyamee Information Technology Program, Faculty of Science and Technology, Uttaradit Rajabhat University
Jumroon Chankulchorn Information Technology Program, Faculty of Science and Technology, Uttaradit Rajabhat University

Keywords:

Secret Key Recovery, Multi-Agent, Security, Comparative, Performance

Abstract

Managing the risks of secret keys from attacks or loss is a critical aspect of maintaining information security. The Key Recovery System (KRS) is a technology developed to mitigate such risks. This study aims to analyze and compare the performance of two types of Multiple Key Recovery Systems (M-KRS): SSDM-KRS and IHADM-KRS, focusing on three key processes: (1) creation of the Key Recovery Field (KRF), (2) key recovery in normal conditions, and (3) key recovery in scenarios where some Key Recovery Agents (KRAs) fail or are unavailable. The experiment simulated KRA operations ranging from 5 to 50 agents, with a minimum recovery threshold set at two agents. The performance evaluation of KRF creation revealed that SSDM-KRS outperformed IHADM-KRS in terms of processing speed due to its simpler structure, while IHADM-KRS demonstrated greater flexibility in KRA management and offered higher security. In normal recovery scenarios without KRA failures, both systems achieved comparable recovery times. However, in scenarios with KRA failures, IHADM-KRS maintained stable recovery performance and high security but required more time than SSDM-KRS, particularly as the number of KRAs increased. The findings indicate that selecting an appropriate key recovery system should align with performance requirements and security policies. Both systems were designed to resist KRA collusion and are robust against failures, thereby enhancing the overall security of the system.

References

กนกวรรณ กันยะมี. (2566). การกระจายและการแชร์กุญแจลับอย่างง่ายบนระบบการกู้คืนกุญแจแบบหลายเอเจนต์ที่ไม่อาศัยศูนย์กลาง. วารสารวิทยาศาสตร์และเทคโนโลยี มหาวิทยาลัยราชภัฏมหาสารคาม, 6(1), 104-115.

กนกวรรณ กันยะมี. (2566). การปรับปรุงฟิลด์การกู้คืนกุญแจ เพื่อแก้ปัญหาการสมรู้ร่วมคิดกันระหว่างเอเจนต์ บนระบบการกู้คืนกุญแจแบบไม่อาศัยศูนย์กลาง. รายงานสืบเนื่องจากการประชุมวิชาการระดับชาติวิทยาศาสตร์และเทคโนโลยีระหว่างสถาบัน ครั้งที่ 9. (น. 651-658). มหาวิทยาลัยหอการค้าไทย.

Abelson, H., Anderson, R., Bellovin, S. M., Benaloh, J., Blaze, M., Diffie, W., Gilmore, J., Neumann, P. G., Rivest, R. L., Schiller, J. I., & Schneier, B. (1997). The risks of key recovery, key escrow, and trusted third-party encryption. World Wide Web Journal, 2(3), 241-257.

Al-Salqan, Y. Y. (1997). Cryptographic key recovery. Proceedings of the Sixth IEEE Computer Society Workshop on Future Trends of Distributed Computing Systems (pp. 34-37). IEEE Computer Society. https://doi.org/10.1109/FTDCS.1997.644700

Arbogast, J. K., Sumner, I. B., & Lam, M. O. (2018). Parallelizing Shamir’s secret sharing algorithm. Journal of Computing Sciences in Colleges, 33(3), 12-18.

Canetti, R., Gennaro, R., Jarecki, S., Krawczyk, H., & Rabin, T. (1999). Adaptive security for threshold cryptosystems. In M. Wiener (Ed.), Advances in cryptology—CRYPTO ’99 (Vol. 1666, pp. 98–116). Springer. https://doi.org/10.1007/3-540-48405-1_7

Hughes, L. E. (2022). Basic cryptography: Symmetric key encryption. In Pro Active Directory Certificate Services

(pp. 3-17). Apress. https://doi.org/10.1007/978-1-4842-7486-6_1

Kanyamee, K., & Sathitwiriyawong, C. (2014). High-availability decentralized cryptographic multi-agent key recovery.

The International Arab Journal of Information Technology, 11(1), 52-60.

Kim, T., Kim, W., Seo, D., & Lee, I. (2021). Secure encapsulation schemes using key recovery system in IoMT environments. Sensors, 21(10), Article 3474. https://doi.org/10.3390/s21103474

Lim, S., Kang, S., & Sohn, J. (2003). Modeling of multiple agent based cryptographic key recovery protocol. Proceedings of the 19th Annual Computer Security Applications Conference, 119–128. IEEE Computer Society. https://doi.org/10.1109/CSAC.2003.1254317

National Institute of Standards and Technology. (1998). Requirements for key recovery products: Final report. Federal Information Processing Standard for Federal Key Management Infrastructure.

Shamir, A. (1979). How to share a secret. Communications of the ACM, 22(11), 612-613. https://doi.org/10.1145/359168.359176

Stallings, W. (2023). Cryptography and network security: Principles and practice (8th ed.). Pearson.