Zusammenfassung
The concept of Ephemerizer, proposed by Perlman, is a cryptographic
primitive for assured data deletion. With an Ephemerizer protocol,
data in persistent storage devices will always be encrypted simultaneously
using an ephemeral public key of the Ephemerizer (an entity which
will publish a set of ephemeral public keys and periodically delete
the expired ones) and the long-term public key of a user. An Ephemerizer
protocol enables the user to securely decrypt the encrypted data
without leaking any information to the Ephemerizer. So far, no security
model has ever been proposed for this primitive and existing protocols
have not been studied formally. Not surprisingly, we show that some
existing Ephemerizer protocols possess security vulnerabilities.
In this paper, we introduce the notion of Timed-Ephemerizer, which
can be regarded as a hybrid primitive by combining Ephemerizer and
Timed-Release Encryption. Compared with an Ephemerizer protocol,
a Timed-Ephemerizer protocol further guarantees that data will
only be released after a pre-defined disclosure time. Moreover, we
propose a security model for Timed-Ephemerizer and formalize relevant
security properties. We also propose a new Timed-Ephemerizer protocol
and prove its security in the security model.
Nutzer