The concept of Ephemerizer, proposed by Perlman, is a mechanism for assured data deletion. Ephemerizer provides a useful service that expired data deleted from the persistent storage devices will be unrecoverable, even if later on some of the private keys in the system are compromised. However, no security model has ever been proposed for this primitive and existing protocols have not been studied formally. In practice, a potential shortcoming of existing Ephemerizer protocols is that they are supposed to provide only assured deletion but not assured initial disclosure. In other words, there is no guarantee on when the data will be initially disclosed. In this paper, we formalize the notion of Timed-Ephemerizer which can be regarded as augmented Ephemerizer and can provide both assured initial disclosure and deletion for sensitive data. We propose a new Timed-Ephemerizer protocol and prove its security in the proposed security model.
|Name||Lecture Notes in Computer Science|
|Workshop||Sixth European Workshop on Public Key Services, Applications and Infrastructures|
|Period||10/09/09 → 11/09/09|
|Other||10-11 September, 2009|