#RSAC 
Example 1: (2,3)-threshold Secret Splitting Scheme 
STEP 2: Split the Secret into Multiple Shares 
 
=
 
=
 
=
Share 
Share 
Share 
Generate 
Master
Key 
At least 2 shares must be 
combined to reconstruct the MK 
Convert pdf to word text document - control Library platform:C# PDF Convert to Text SDK: Convert PDF to txt files in C#.net, ASP.NET MVC, WinForms, WPF application
C# PDF to Text (TXT) Converting Library to Convert PDF to Text
www.rasteredge.com
Convert pdf to word text document - control Library platform:VB.NET PDF Convert to Text SDK: Convert PDF to txt files in vb.net, ASP.NET MVC, WinForms, WPF application
VB.NET Guide and Sample Codes to Convert PDF to Text in .NET Project
www.rasteredge.com
#RSAC 
Example #2: Arbitrary Sharing Scheme 
STEP 2: Split the Secret into Multiple Shares 
 
=
 
=
 
Share 
Share 
Share 
Master
Key 
≠ 
Only a subset of combinations 
can reconstruct  MK 
control Library platform:VB.NET PDF Convert to Word SDK: Convert PDF to Word library in vb.
VB.NET Tutorial for How to Convert PDF to Word (.docx) Document in VB.NET. using RasterEdge.XDoc.PDF; Convert PDF to Word Document in VB.NET Demo Code.
www.rasteredge.com
control Library platform:C# PDF Convert to Word SDK: Convert PDF to Word library in C#.net
do we need this PDF to Word converting library third-party software, you can hardly edit PDF document. this situation, you need to convert PDF document to some
www.rasteredge.com
#RSAC 
STEP 3: Distribute and Store Shares 
Distribute shares across multiple secure stores in 
different devices 
Define access-control policies using one or 
multiple authentication factors 
Secure stores make access-control decisions based on presented 
credentials before releasing shares 
Master key can be reconstructed only if appropriate number of 
shares are released and combined 
28 
control Library platform:C# Convert: PDF to Word: How to Convert Adobe PDF to Microsoft
Empower C# users to easily convert PDF document to Word document. Support fast Word and PDF conversion with original document page size remained.
www.rasteredge.com
control Library platform:VB.NET Create PDF from Word Library to convert docx, doc to PDF in
Export all Word text and image content into high quality Create PDF files from both DOC and DOCX formats. Convert multiple pages Word to fillable and editable
www.rasteredge.com
#RSAC 
Secret Shares Management Concerns 
Secret shares replacement scenarios 
Mobile or wearable device lost/stolen 
Device/Application data wiped 
Master key or shares compromised 
Consider 
Combining shares in wearable device and on server to restore MK 
Generate dedicated restore share and protect it in backup & 
restore service 
control Library platform:C# Create PDF from Word Library to convert docx, doc to PDF in C#.
C#.NET control able to turn all Word text and image content into high quality PDF without losing Convert multiple pages Word to fillable and editable PDF
www.rasteredge.com
control Library platform:C# PDF Text Extract Library: extract text content from PDF file in
But sometimes, we need to extract or fetch text content from source PDF document file for word processing, presentation and desktop publishing applications.
www.rasteredge.com
#RSAC 
Secret Splitting Approach 
Challenges/Weaknesses 
Crypto is well-studied and provably secure; however, it 
depends on correct implementations 
Careful design for shares distribution and access-control structure  
Can be complex to implement 
Doesn’t address memory attacks on rooted/jailbroken 
devices 
control Library platform:VB.NET PDF Text Extract Library: extract text content from PDF
SharePoint. Extract text from adobe PDF document in VB.NET Programming. Extract file. Extract highlighted text out of PDF document. Image
www.rasteredge.com
control Library platform:VB.NET PDF Convert to HTML SDK: Convert PDF to html files in vb.
Embed zoom setting (fit page, fit width). Free library for .NET framework. Why do we need to convert PDF document to HTML webpage using VB.NET programming code?
www.rasteredge.com
#RSAC 
Pros & Cons: Store It, Protect It  
Storage and 
Protection Methods 
User  
Convenience 
Ease of 
Implementation 
HW/OS  
Independent 
Security  
Level 
Withstand 
Rooted 
Access 
Local File System,  
PW protected 
Med 
High 
Yes 
Low 
Low 
Mobile Database,  
PW protected 
Med 
High 
Yes 
Low 
Low 
Native Key Store, 
PIN/MFA protected 
High 
High 
Yes 
Med 
Low 
Hardware SE,  
PIN Protected 
High 
Low 
No 
Medium 
Medium 
Local/Remote Server, 
MFV Protected 
High 
Medium 
Yes 
Med 
Med 
Distributed Secret 
Share Stores, 
MFV protected 
High 
Low 
Yes 
High 
High 
#RSAC 
Recommendations 
Avoid storing secrets on mobile devices 
Don’t hard-code secrets or store them in clear-text files 
Use SEs when possible 
Increases integrity of data 
Reduces chance of data tampering 
Use secret sharing approach  
Physical device access will be inconsequential 
Servers and wearable devices can help with data restore 
#RSAC 
Recommendations: Continued… 
If you use secret sharing approach 
Use native key stores and strengthen access-control with multi-
factor verification 
Use TLS or AES when transmitting shares over the network 
Don’t back-up or cache all or subset of shares that can be 
combined to reconstruct master key 
#RSAC 
Security/Authentication Initiatives & Alliances 
FIDO  
Mobile OS independent, multi-factor verification  
Cloud Security Alliance  
Scalable authentication from mobile devices to multiple, heterogeneous cloud 
providers 
Open ID Connect 
Standards-based authentication protocol built on top of OAuth 2.0 developed 
by the OpenID Foundation  - support for ‘Android accounts’ 
Global Platform 
Standards for managing applications on secure chip technology 
SIM Alliance 
Secure Element ecosystem  - facilitate delivery of secure mobile apps. 
#RSAC 
References 
http://en.wikipedia.org/wiki/Message_Authentication_Code 
http://www.kandroid.org/online-pdk/guide/stk.html 
http://code.google.com/p/seek-for-android/wiki/SecurityConcept 
http://www.nearfieldcommunication.org/bluetooth.html 
http://www.smartcardalliance.org/pages/publications-nfc-frequently-asked-questions 
http://nelenkov.blogspot.in/2013/08/credential-storage-enhancements-android-43.html 
https://developer.android.com/training/articles/security-tips.html 
https://code.google.com/p/android/issues/detail?id=57560 
http://www.internetsociety.org/sites/default/files/02_4.pdf 
http://www.elcomsoft.com/WP/BH-EU-2012-WP.pdf 
http://en.wikipedia.org/wiki/Secret_sharing 
http://mista.nu/research/early_random-paper.pdf   
http://android-developers.blogspot.co.il/2013/08/some-securerandom-thoughts.html 
Documents you may be interested
Documents you may be interested