Deleting secret data with public verifiability
Hao, Feng, Clarke, Dylan and Zorzo, Avelino Francisco (2016) Deleting secret data with public verifiability. IEEE Transactions on Dependable and Secure Computing, 13 (6). pp. 617-629. doi:10.1109/TDSC.2015.2423684 ISSN 1545-5971.
PDF: WRAP-deleting-secret-data-public-verifiability-Hao-2016.pdf (Accepted Version, 1163 KB)
Official URL: http://dx.doi.org/10.1109/TDSC.2015.2423684
Abstract
Existing software-based data erasure programs can be summarized as following the same one-bit-return protocol: the deletion program performs data erasure and returns either success or failure. However, such a one-bit-return protocol turns the data deletion system into a black box: the user has to trust the outcome but cannot easily verify it. This is especially problematic when the deletion program is encapsulated within a Trusted Platform Module (TPM), and the user has no access to the code inside. In this paper, we present a cryptographic solution that aims to make the data deletion process more transparent and verifiable. In contrast to the conventional black/white assumptions about TPM (i.e., either completely trust or distrust), we introduce a third assumption that sits in between: namely, “trust-but-verify”. Our solution enables a user to verify the correct implementation of two important operations inside a TPM without accessing its source code: i.e., the correct encryption of data and the faithful deletion of the key. Finally, we present a proof-of-concept implementation of the SSE system on a resource-constrained Java card to demonstrate its practical feasibility. To our knowledge, this is the first systematic solution to the secure data deletion problem based on a “trust-but-verify” paradigm, together with a concrete prototype implementation.
| Field | Value |
|---|---|
| Item Type | Journal Article |
| Subjects | Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software |
| Divisions | Faculty of Science, Engineering and Medicine > Science > Computer Science |
| Library of Congress Subject Headings (LCSH) | Data -- Deletion, Cryptography |
| Journal or Publication Title | IEEE Transactions on Dependable and Secure Computing |
| Publisher | Institute of Electrical and Electronics Engineers |
| ISSN | 1545-5971 |
| Official Date | December 2016 |
| Volume | 13 |
| Number | 6 |
| Page Range | pp. 617-629 |
| DOI | 10.1109/TDSC.2015.2423684 |
| Status | Peer Reviewed |
| Publication Status | Published |
| Reuse Statement (publisher, data, author rights) | © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. |
| Access rights to Published version | Restricted or Subscription Access |
| Date of first compliant deposit | 5 December 2018 |
| Date of first compliant Open Access | 5 December 2018 |