KPaM: A Key Protection Framework for Mobile Devices Based on Two-party Computation

2019 IEEE Symposium on Computers and Communications (ISCC) (2019)

Abstract
Key protection on mobile devices is attracting more attention with the rapid growth of mobile payment. Academia has proposed many key protection methods, which fall into three categories. The first is algorithmic, such as white-box cryptography. The second is physical protection, such as the secure element (SE). The last is key escrow, such as the cloud secure element (Cloud SE). Academia has not yet reached agreement on the security of white-box cryptography, and an SE cannot defend against future, as-yet-unknown side-channel attacks, since it can hardly be updated. With Cloud SE, the user has to trust the cloud completely, including the cloud provider, the cloud environment, etc. However, with the development of attack methods, complete trust in the cloud has gradually become an excessive requirement. In this paper, we propose KPaM, a low-cost and flexible key protection framework for mobile devices, which can mitigate the issues described above. The main idea of KPaM is inspired by emerging two-party computation algorithms. The private key is split into two parts, which are stored and used on the mobile device and in the cloud respectively. The cloud does not store the complete key, so there is no need to worry about abuse of the user's private key. On the mobile side, we dispense with the SE and use a TEE (trusted execution environment) to perform cryptographic operations and access control, which realizes the functions of secure storage and trusted path. Finally, we take the SM2 algorithm as an example to validate KPaM and evaluate its security and efficiency.
Keywords
Key Protection,Mobile Security,Two-party Computation,Trusted Execution Environment,Secure Element