Paper 2017/485

Authenticating compromisable storage systems

Jiangshan Yu, Mark Ryan, and Liqun Chen


A service may be implemented over several servers, and those servers may become compromised by an attacker, e.g. through software vulnerabilities. When this happens, the service manager will remove the vulnerabilities and re-instate the server. Typically, this will involve regenerating the public key by which clients authenticate the service, and revoking the old one. This paper presents a scheme which allows a storage service composed of several servers to create a group public key in a decentralised manner, and maintain its security even when such compromises take place. By maintaining keys for a long term, we reduce the reliance on public-key certification. The storage servers periodically update the decryption secrets corresponding to a public key, in such a way that secrets gained by an attacker are rendered useless after an update takes place. An attacker would have to compromise all the servers within a short period lying between two updates in order to fully compromise the system.

Note: This is the full version of a paper published at TrustCom-2017.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. TrustCom 2017
Post compromise securityProactive securitySelf-healing systemAuthentication.
Contact author(s)
j yu research @ gmail com
2017-05-31: received
Short URL
Creative Commons Attribution


      author = {Jiangshan Yu and Mark Ryan and Liqun Chen},
      title = {Authenticating compromisable storage systems},
      howpublished = {Cryptology ePrint Archive, Paper 2017/485},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.