Mission Impossible: Securing Master Keys
This addresses the challenge of key security for cryptography practitioners, but it is incremental as it builds on existing ideas without introducing new methods.
The paper tackles the problem of securing secret master keys, arguing it is impossible to fully secure them but aims to make it as difficult as possible for adversaries. It proposes guidelines and solutions to increase security, without presenting specific technical results or numbers.
Securing a secret master key is a non-trivial task, we even argue it is impossible to fully secure it, hence we must make it as difficult as possible for any powerful adversary to steal or use the key. We introduce the reader to interesting cryptography which is starting to get more attention in terms of addressing the above problem, and we briefly overview some commercial and open-source products that can be used. Finally, we propose a set of solutions on how to secure master keys, more as guidelines rather than exact technical specifications, with aim to inspire and raise awareness of how to increase the security as much as possible.