A Hybrid PKI-IBC Based Ephemerizer System

  • Srijith K. Nair
  • Mohammad T. Dashti
  • Bruno Crispo
  • Andrew S. Tanenbaum
Conference paper

DOI: 10.1007/978-0-387-72367-9_21

Part of the IFIP International Federation for Information Processing book series (IFIPAICT, volume 232)
Cite this paper as:
Nair S.K., Dashti M.T., Crispo B., Tanenbaum A.S. (2007) A Hybrid PKI-IBC Based Ephemerizer System. In: Venter H., Eloff M., Labuschagne L., Eloff J., von Solms R. (eds) New Approaches for Security, Privacy and Trust in Complex Environments. SEC 2007. IFIP International Federation for Information Processing, vol 232. Springer, Boston, MA

Abstract

The concept of an Ephemerizer system has been introduced in earlier works as a mechanism to ensure that a file deleted from the persistent storage remains unrecoverable. The principle involved storing the data in an encrypted form in the user’s machine and the key to decrypt the data in a physically separate machine. However the schemes proposed so far do not provide support for fine-grained user settings on the lifetime of the data nor support any mechanism to check the integrity of the system that is using the secret data. In addition we report the presence of a vulnerability in one version of the proposed scheme that can be exploited by an attacker to nullify the ephemeral nature of the keys. We propose and discuss in detail an alternate Identity Based cryptosystem powered scheme that overcomes the identified limitations of the original system.

Download to read the full conference paper text

Copyright information

© International Federation for Information Processing 2007

Authors and Affiliations

  • Srijith K. Nair
    • 1
  • Mohammad T. Dashti
    • 2
  • Bruno Crispo
    • 1
    • 3
  • Andrew S. Tanenbaum
    • 1
  1. 1.Dept. Computer ScienceVrije UniversiteitAmsterdamThe Netherlands
  2. 2.CWIAmsterdamThe Netherlands
  3. 3.DTIUniversity of TrentoItaly

Personalised recommendations