Abstract
Protecting long-lived sensitive information puts enormous stress on traditional ciphers, which must survive generations of cryptanalysts. In addition, there is a continued risk of adversaries penetrating and attacking the systems in which these ciphers are implemented. In this paper, we present our work in progress on an approach to surviving both cryptanalysis and intrusion attacks for extended periods of time. A prime objective of any such work is to prevent the leakage of plaintexts. However, given the long lifespan of sensitive information, during which cryptanalysts can concentrate on breaking the cipher, it is equally important to prevent the leakage of unduly large amounts of ciphertext. Our approach consists of an enclave-based architectural set-up that provides primary resilience against attacks, backed by permanently reencrypting portions of the confidential or privacy-sensitive data with fresh keys and by combining ciphers in a threshold-based encryption scheme.
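The mechanism sketched in the abstract, as an added illustration that is not code from the paper or its authors: two independent keyed primitives are cascaded so that breaking either one alone yields only the other's ciphertext, each layer key is held as Shamir shares among several custodians, and every epoch the item is reencrypted under fresh keys with fresh shares. The choice of HMAC-SHA256 and SHAKE256 as the two "combined ciphers" (standing in for production block or stream ciphers), the Mersenne prime 2^521-1 as the sharing field, and the Record class with its custodian indices are all assumptions of this example; the sample plaintext is constructed.

```python
# Added illustration, not code from the paper: a two-layer cipher cascade whose
# layer keys are held as Shamir shares and rotated every epoch. Assumed stand-ins:
# HMAC-SHA256 and SHAKE256 as the two "combined ciphers" (in place of real block or
# stream ciphers), sharing over the Mersenne prime 2^521-1, and a hypothetical
# Record class / custodian indices for the bookkeeping the enclave would do.
import hashlib
import hmac
import os
import secrets

NONCE_LEN = 16
KEY_LEN = 32
P = 2**521 - 1  # Mersenne prime; a 256-bit key fits in one field element


def keystream_hmac(key: bytes, nonce: bytes, n: int) -> bytes:
    """Layer 1: HMAC-SHA256 in counter mode as a keystream generator."""
    out, ctr = bytearray(), 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return bytes(out[:n])


def keystream_shake(key: bytes, nonce: bytes, n: int) -> bytes:
    """Layer 2: SHAKE256 extendable output; a different primitive family from layer 1."""
    return hashlib.shake_256(key + nonce).digest(n)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cascade_encrypt(pt: bytes, k1: bytes, k2: bytes) -> bytes:
    """Encrypt under layer 1, then layer 2. Output: nonce1 || nonce2 || body."""
    n1, n2 = os.urandom(NONCE_LEN), os.urandom(NONCE_LEN)
    c1 = xor(pt, keystream_hmac(k1, n1, len(pt)))
    return n1 + n2 + xor(c1, keystream_shake(k2, n2, len(c1)))


def strip_layer2(ct: bytes, k2: bytes) -> bytes:
    """What an adversary who has broken only layer 2 obtains: still layer-1 ciphertext."""
    n2, body = ct[NONCE_LEN:2 * NONCE_LEN], ct[2 * NONCE_LEN:]
    return xor(body, keystream_shake(k2, n2, len(body)))


def cascade_decrypt(ct: bytes, k1: bytes, k2: bytes) -> bytes:
    c1 = strip_layer2(ct, k2)
    return xor(c1, keystream_hmac(k1, ct[:NONCE_LEN], len(c1)))


def shamir_split(secret: bytes, n: int, t: int) -> list[tuple[int, int]]:
    """n shares of a random degree-(t-1) polynomial mod P with f(0) = secret."""
    coeffs = [int.from_bytes(secret, "big")] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P) for x in range(1, n + 1)]


def shamir_combine(shares: list[tuple[int, int]]) -> bytes:
    """Lagrange interpolation at x = 0 over at least t distinct shares recovers f(0)."""
    s = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        s = (s + yi * num * pow(den, P - 2, P)) % P
    return s.to_bytes(KEY_LEN, "big")


class Record:
    """One confidential item: cascade ciphertext plus per-layer key shares for n custodians."""

    def __init__(self, pt: bytes, n: int = 5, t: int = 3):
        self.n, self.t, self.epoch = n, t, 0
        self._install(pt)

    def _install(self, pt: bytes) -> None:
        k1, k2 = os.urandom(KEY_LEN), os.urandom(KEY_LEN)
        self.ct = cascade_encrypt(pt, k1, k2)
        self.shares1 = shamir_split(k1, self.n, self.t)
        self.shares2 = shamir_split(k2, self.n, self.t)
        del k1, k2  # whole keys exist only transiently (inside the enclave, in the paper's set-up)

    def open(self, custodians: list[int]) -> bytes:
        """Any t distinct custodians (0-based indices) reconstruct both keys; fewer are refused."""
        custodians = sorted(set(custodians))
        if len(custodians) < self.t:
            raise PermissionError("below threshold")
        k1 = shamir_combine([self.shares1[i] for i in custodians])
        k2 = shamir_combine([self.shares2[i] for i in custodians])
        return cascade_decrypt(self.ct, k1, k2)

    def reencrypt(self, custodians: list[int]) -> None:
        """Epoch rotation: fresh keys, fresh ciphertext, fresh shares; old shares become useless."""
        self._install(self.open(custodians))
        self.epoch += 1
```

Two properties of the abstract's design are visible here. First, rotation with fresh keys bounds the ciphertext that ever accumulates under any one key to what was produced in a single epoch, and shares captured by an intruder before the rotation reconstruct keys that no longer decrypt anything. Second, because the two layers come from unrelated primitive families, a cryptanalytic break of one layer returns the adversary only to the other layer's ciphertext, not to plaintext. A deployment would use standardised ciphers and a verifiable share-redistribution protocol in place of the plain Shamir split shown, and would do the transient key reconstruction inside the enclave the paper describes.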
This work is partially supported by the Fonds National de la Recherche Luxembourg (FNR) through PEARL grant FNR/P14/8149128.
Notes
1. In fact, we selected genomic information for precisely this combination of properties, but for the remainder of this paper, and in light of the workshop discussion, please consider it as only one example of information with such properties, and possibly not the best one. The interested reader is directed to the transcript of the talk and the controversial discussion it triggered.
Copyright information
© 2017 Springer International Publishing AG
Cite this paper
Völp, M., Rocha, F., Decouchant, J., Yu, J., Esteves-Verissimo, P. (2017). Permanent Reencryption: How to Survive Generations of Cryptanalysts to Come. In: Stajano, F., Anderson, J., Christianson, B., Matyáš, V. (eds) Security Protocols XXV. Security Protocols 2017. Lecture Notes in Computer Science, vol 10476. Springer, Cham. https://doi.org/10.1007/978-3-319-71075-4_25
DOI: https://doi.org/10.1007/978-3-319-71075-4_25
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-71074-7
Online ISBN: 978-3-319-71075-4
eBook Packages: Computer Science (R0)