A Hybrid PKI-IBC Based Ephemerizer System
Abstract
The concept of an Ephemerizer system has been introduced in earlier works as a mechanism to ensure that a file deleted from persistent storage remains unrecoverable. The principle involves storing the data in encrypted form on the user's machine and the key to decrypt the data on a physically separate machine. However, the schemes proposed so far neither support fine-grained user settings for the lifetime of the data nor provide any mechanism to check the integrity of the system that is using the secret data. In addition, we report a vulnerability in one version of the proposed scheme that an attacker can exploit to nullify the ephemeral nature of the keys. We propose and discuss in detail an alternative scheme, based on an identity-based cryptosystem, that overcomes the identified limitations of the original system.
Similar resources
From Ephemerizer to Timed-Ephemerizer: Achieve Assured Lifecycle Enforcement for Sensitive Data
The concept of Ephemerizer, proposed by Perlman, is a cryptographic primitive for assured data deletion. With an Ephemerizer protocol, data in persistent storage devices will always be encrypted simultaneously using an ephemeral public key of the Ephemerizer (an entity which will publish a set of ephemeral public keys and periodically delete the expired ones) and the long-term public key of a u...
A hybrid approach to secure hierarchical mobile IPv6 networks
Establishing secure access and communications in a hierarchical mobile IPv6 (HMIPv6) network, when a mobile node is roaming into a foreign network, is a challenging task and has so far received little attention. Existing solutions are mainly based on public key infrastructure (PKI) or identity-based cryptography (IBC). However, these solutions suffer from either efficiency or scalability proble...
Identity-Based Cryptography in Wireless Sensor Networks
In recent years, public-key cryptography has been used in wireless sensor networks to solve the problems of key distribution and the large number of stored keys. In these networks, this type of cryptography has been used for authentication and key agreement. The most widely used form of public-key cryptography, which is certificate-based, relies on a public key infrastructure (PKI). As we know, implementing PKI requires a considerable amount of memory, ...
Domain-Based Administration of Identity-Based Cryptosystems for Secure Email and IPSEC
Effective widespread deployment of cryptographic technologies such as secure email and IPsec has been hampered by the difficulties involved in establishing a large scale public key infrastructure, or PKI. Identity-based cryptography (IBC) can be used to ameliorate some of this problem. However, current approaches to using IBC for email or IPsec require a global, trusted key distribution center....
A Dynamic Key Infrastructure for Grid
This paper introduces the concept of a dynamic key infrastructure for Grid. It utilises the properties of Identity-based Cryptography (IBC) to simplify key management techniques used in current Public Key Infrastructure (PKI) settings for Grid. This approach can offer greater simplicity, flexibility, and enhanced computation trade-offs.