Abstract
The concept of Ephemerizer, proposed by Perlman, is a mechanism for assured data deletion. Ephemerizer provides a useful service that expired data deleted from the persistent storage devices will be unrecoverable, even if later on some of the private keys in the system are compromised. However, no security model has ever been proposed for this primitive and existing protocols have not been studied formally. In practice, a potential shortcoming of existing Ephemerizer protocols is that they are supposed to provide only assured deletion but not assured initial disclosure. In other words, there is no guarantee on when the data will be initially disclosed. In this paper, we formalize the notion of Timed-Ephemerizer which can be regarded as augmented Ephemerizer and can provide both assured initial disclosure and deletion for sensitive data. We propose a new Timed-Ephemerizer protocol and prove its security in the proposed security model.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellare, M., Palacio, A.: The knowledge-of-exponent assumptions and 3-round zero-knowledge protocols. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 273–289. Springer, Heidelberg (2004)
Boneh, D., Franklin, M.K.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Cathalo, J., Libert, B., Quisquater, J.-J.: Efficient and non-interactive timed-release encryption. In: Qing, S., Mao, W., López, J., Wang, G. (eds.) ICICS 2005. LNCS, vol. 3783, pp. 291–303. Springer, Heidelberg (2005)
Damgård, I.: Towards practical public key systems secure against chosen ciphertext attacks. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 445–456. Springer, Heidelberg (1992)
Dent, A.W., Tang, Q.: Revisiting the security model for timed-release encryption with pre-open capability. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 158–174. Springer, Heidelberg (2007)
Halderman, J.A., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W.: Lest We Remember: Cold Boot Attacks on Encryption Keys. In: van Oorschot, P.C. (ed.) Proceedings of the 17th USENIX Security Symposium, pp. 45–60. USENIX Association (2008)
Hwang, Y., Yum, D., Lee, P.: Timed-release encryption with pre-open capability and its application to certified e-mail system. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 344–358. Springer, Heidelberg (2005)
May, T.C.: Time-release crypto (1993)
Nair, S.K., Dashti, M.T., Crispo, B., Tanenbaum, A.S.: A Hybrid PKI-IBC Based Ephemerizer System. In: Venter, H.S., Eloff, M.M., Labuschagne, L., Eloff, J.H.P., von Solms, R. (eds.) New Approaches for Security, Privacy and Trust in Complex Environments, Proceedings of the IFIP TC-11 22nd International Information Security Conference (SEC 2007). IFIP, vol. 232, pp. 241–252. Springer, Heidelberg (2007)
Department of Defense of the United States. National Industrial Security Program Operating Manual (NISPOM), DoD 5220.22-M (2006)
Perlman, R.: File system design with assured delete. In: SISW 2005: Proceedings of the Third IEEE International Security in Storage Workshop, pp. 83–88. IEEE Computer Society, Los Alamitos (2005)
Perlman, R.: The Ephemerizer: Making Data Disappear. Journal of Information System Security 1(1), 51–68 (2005)
Perlman, R.: The Ephemerizer: Making Data Disappear. Technical Report TR-2005-140, Sun Microsystems, Inc. (2005)
Rivest, R.L., Shamir, A., Wagner, D.A.: Time-lock puzzles and timed-release crypto. Technical Report Tech. Report MIT/LCS/TR-684, MIT LCS (1996)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Tang, Q.: Timed-ephemerizer: Make assured data appear and disappear. Technical report, Centre for Telematics and Information Technology, University of Twente (2009), http://eprints.eemcs.utwente.nl/15802/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tang, Q. (2010). Timed-Ephemerizer: Make Assured Data Appear and Disappear. In: Martinelli, F., Preneel, B. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2009. Lecture Notes in Computer Science, vol 6391. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16441-5_13
Download citation
DOI: https://doi.org/10.1007/978-3-642-16441-5_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16440-8
Online ISBN: 978-3-642-16441-5
eBook Packages: Computer ScienceComputer Science (R0)