Abstract
This paper is about how to keep data for a finite time, and then make
it unrecoverable after that. It is difficult to ensure that data
is completely destroyed. To be available before expiration it is
desirable to create backup copies. Then absolute deletion becomes
difficult, because even after explicitly deleting it, copies might
remain on backup media, or in swap space, or be forensically recoverable.
The obvious solution is to store the data encrypted, and then delete
the key after expiration. The key is somewhat easier to manage, because
it is smaller, but there is still the issue of needing to make the
key reliably available for some time, and then reliably destroyed.
It is difficult enough for a user to manage one key, much less different
keys for different data expiration times. The user could keep each
key on a tamper-proof smart card with no copies, but then the data
will be lost prematurely if the user loses the smart card. And smart
cards are expensive. So the idea in this paper is to concentrate
all the key management expense and expertise in one place, a server
we call an "ephemerizer". The ephemerizer creates keys, makes them
available for encryption, aids in decryption, and destroys the keys
at the appropriate time. The design in this paper ensures that even
if a client's machine gets compromised, and everything in stable
storage (including long-term user keys) is stolen, any data that
has expired before the compromise remains unrecoverable.
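The abstract's core mechanism, as an added illustration that is not the paper's own protocol: data is encrypted under a fresh per-object key, only a wrapped copy of that key lives in the client's stable storage, and the ephemerizer holds one key per expiration time that it destroys on schedule, after which stored records (backups included) become undecryptable. The `Ephemerizer`, `store` and `retrieve` names and the HMAC-based stream cipher are simplifications for this example; a real deployment would use an authenticated cipher such as AES-GCM and the paper's public-key and blinding techniques so the server never sees the data key.

```python
import hashlib
import hmac
import os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream (toy stand-in for a real cipher)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

class Ephemerizer:
    """Holds one key per expiration time; keys never leave this object."""
    def __init__(self):
        self._keys = {}          # expires_at -> ephemeral key

    def wrap(self, expires_at: int, data_key: bytes) -> bytes:
        eph_key = self._keys.setdefault(expires_at, os.urandom(32))
        nonce = os.urandom(16)
        return nonce + keystream_xor(eph_key, nonce, data_key)

    def unwrap(self, expires_at: int, wrapped: bytes) -> bytes:
        if expires_at not in self._keys:
            raise KeyError("ephemeral key destroyed; data is unrecoverable")
        nonce, body = wrapped[:16], wrapped[16:]
        return keystream_xor(self._keys[expires_at], nonce, body)

    def expire(self, now: int) -> int:
        """Destroy every key whose expiration time has passed; returns count."""
        gone = [t for t in self._keys if t <= now]
        for t in gone:
            del self._keys[t]
        return len(gone)

def store(eph: Ephemerizer, plaintext: bytes, expires_at: int) -> dict:
    """Client side: encrypt under a fresh data key, keep only the wrapped data key."""
    data_key = os.urandom(32)
    nonce = os.urandom(16)
    record = {"expires_at": expires_at, "nonce": nonce,
              "ciphertext": keystream_xor(data_key, nonce, plaintext),
              "wrapped_key": eph.wrap(expires_at, data_key)}
    del data_key             # the plaintext data key is never written to stable storage
    return record

def retrieve(eph: Ephemerizer, record: dict) -> bytes:
    """Client side: ask the ephemerizer to unwrap the data key, then decrypt."""
    data_key = eph.unwrap(record["expires_at"], record["wrapped_key"])
    return keystream_xor(data_key, record["nonce"], record["ciphertext"])
```

An attacker who copies `record` (or any backup of it) after `expire()` has run cannot recover the plaintext, because the only key that unwraps `wrapped_key` no longer exists anywhere.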