Title :
Lazy revocation in cryptographic file systems
Author :
Backes, Michael ; Cachin, Christian ; Oprea, Alina
Author_Institution :
Zurich Res. Lab., IBM Res., Ruschlikon
Abstract :
A crucial element of distributed cryptographic file systems are key management solutions that allow for flexible but secure data sharing. We consider efficient key management schemes for cryptographic file systems using lazy revocation. We give rigorous security definitions for three cryptographic schemes used in such systems, namely symmetric encryption, message-authentication codes and signature schemes. Additionally, we provide generic constructions for symmetric encryption and message-authentication codes with lazy revocation using key-updating schemes for lazy revocation, which have been introduced recently. We also give a construction of signature schemes with lazy revocation from identity-based signatures. Finally, we describe how our constructions improve the key rotation mechanism in the Plutus file system
Keywords :
cryptography; message authentication; network operating systems; Plutus file system; distributed cryptographic file system; identity-based signature; key management scheme; key-updating scheme; lazy revocation; message-authentication code; secure data sharing; symmetric encryption; Access control; Cryptography; Data security; File systems; Identity-based encryption; Laboratories; Permission; Protection; Secure storage; Storage area networks;
Conference_Titel :
Security in Storage Workshop, 2005. SISW '05. Third IEEE International
Conference_Location :
San Francisco, CA
Print_ISBN :
0-7695-2537-7
DOI :
10.1109/SISW.2005.7
