Lazy Revocation in Cryptographic File Systems

Authors:
Michael Backes;Alina Oprea
Affiliations:
IBM Zurich Research Laboratory, Switzerland;Carnegie Mellon University, USA
Venue:
SISW '05 Proceedings of the Third IEEE International Security in Storage Workshop
Year:
2005

Citing 0
Cited 9

Flexible and secure enterprise rights management based on trusted virtual domains

Proceedings of the 3rd ACM workshop on Scalable trusted computing
PACISSO: P2P access control incorporating scalability and self-organization for storage systems

PACISSO: P2P access control incorporating scalability and self-organization for storage systems
Transparent mobile storage protection in trusted virtual domains

LISA'09 Proceedings of the 23rd conference on Large installation system administration
LotusNet: Tunable privacy for distributed online social network services

Computer Communications
Designing a secure storage repository for sharing scientific datasets using public clouds

Proceedings of the second international workshop on Data intensive computing in the clouds
Secure key-updating for lazy revocation

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Trusted virtual domains – design, implementation and lessons learned

INTRUST'09 Proceedings of the First international conference on Trusted Systems
SAPDS: self-healing attribute-based privacy aware data sharing in cloud

The Journal of Supercomputing
A trusted versioning file system for passive mobile storage devices

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

A crucial element of distributed cryptographic file systems are key management solutions that allow for flexible but secure data sharing. We consider efficient key management schemes for cryptographic file systems using lazy revocation. We give rigorous security definitions for three cryptographic schemes used in such systems, namely symmetric encryption, message-authentication codes and signature schemes. Additionally, we provide generic constructions for symmetric encryption and message-authentication codes with lazy revocation using key-updating schemes for lazy revocation, which have been introduced recently. We also give a construction of signature schemes with lazy revocation from identity-based signatures. Finally, we describe how our constructions improve the key rotation mechanism in the Plutus file system