Paper 2014/364
Deleting Secret Data with Public Verifiability
Feng Hao and Dylan Clarke and Avelino Francisco Zorzo
Abstract
The problem of secure data erasure has been extensively studied in the past with a rich body of literature available. All existing software-based solutions can be summarized as following the same one-bit-return protocol: the deletion program performs data erasure and returns either success or failure. However, such a one-bit-return protocol turns the data deletion system into a black box -- the user has to trust the outcome but cannot easily verify it. This is especially problematic when the deletion program is encapsulated within a Trusted Platform Module (TPM), and the user has no access to the code inside. In this paper, we initiate a study on how to delete secret data with public verifiability. This is a subject that has not been investigated before, partly because it seems intuitively impossible. In this paper, we show a solution is possible by applying appropriate cryptographic primitives. Based on combining DHIES, Chaum-Pedersen Zero Knowledge Proof and ECDSA, we present a Secure Storage and Erasure (SSE) protocol. The key idea in our solution is based on a "trust-but-verify" paradigm, which is generally applicable to many security problems but has been largely neglected in the field of secure data deletion. Finally, we present a concrete implementation of the SSE system to demonstrate its practical feasibility.
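As an added illustration (not code from the paper or its SSE implementation) of the Chaum-Pedersen zero-knowledge proof the abstract names: a prover who knows x shows that two public values g^x and h^x share the same discrete logarithm without revealing x, and any third party can check the proof from public data alone, which is the property the abstract calls public verifiability. The group parameters, the hash-derived (Fiat-Shamir) challenge and the names `prove`, `verify` and `challenge` are assumptions of this example; the toy group p = 23, q = 11 is constructed for readability only, and how SSE ties such a proof to key erasure is not shown here.

```python
import hashlib
import secrets
from typing import NamedTuple, Optional

# Toy prime-order subgroup, constructed for illustration only (not from the paper).
# p = 23, q = 11 divides p - 1; g = 4 and h = 9 both generate the order-11 subgroup.
# A real deployment would use a standard group (an RFC 3526 MODP group or an
# elliptic curve); the proof logic below does not change.
P, Q, G, H = 23, 11, 4, 9


class Proof(NamedTuple):
    a: int  # commitment g^r mod p
    b: int  # commitment h^r mod p
    s: int  # response r + c*x mod q


def challenge(A: int, B: int, a: int, b: int) -> int:
    """Fiat-Shamir challenge: hash the public statement and commitments, reduce mod q.

    Binding the statement (A, B) into the hash is what stops a proof for one
    statement being replayed against another.
    """
    data = ",".join(str(v) for v in (P, Q, G, H, A, B, a, b)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def prove(x: int, r: Optional[int] = None) -> tuple:
    """Prover knows x; publishes (A, B) = (g^x, h^x) and a proof that log_g A = log_h B.

    r is the one-time nonce; it is drawn at random unless a caller fixes it
    (fixing it is only for deterministic tests, never for real proofs).
    """
    if r is None:
        r = secrets.randbelow(Q - 1) + 1
    A, B = pow(G, x, P), pow(H, x, P)
    a, b = pow(G, r, P), pow(H, r, P)
    c = challenge(A, B, a, b)
    s = (r + c * x) % Q
    return A, B, Proof(a, b, s)


def verify(A: int, B: int, proof: Proof) -> bool:
    """Anyone holding only public values can check the proof (public verifiability)."""
    a, b, s = proof
    # Reject elements outside the prime-order subgroup before doing any arithmetic.
    if not all(1 <= v < P and pow(v, Q, P) == 1 for v in (A, B, a, b)):
        return False
    c = challenge(A, B, a, b)
    # g^s == a * A^c and h^s == b * B^c hold iff the same x underlies A and B.
    return (pow(G, s, P) == a * pow(A, c, P) % P
            and pow(H, s, P) == b * pow(B, c, P) % P)
```

The verifier never learns x: it only recomputes the challenge and checks two group equations, so a proof can be published alongside the public values and re-checked by anyone later.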
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- key management
- smart cards
- zero knowledge
- secure data deletion
- Contact author(s)
- haofeng66 @ gmail com
- History
- 2015-04-14: revised
- 2014-05-25: received
- See all versions
- Short URL
- https://ia.cr/2014/364
- License
- CC BY