Cryptology ePrint Archive: Report 2018/638

BurnBox: Self-Revocable Encryption in a World of Compelled Access

Nirvan Tyagi and Muhammad Haris Mughees and Thomas Ristenpart and Ian Miers

Abstract: Dissidents, journalists, and others require technical means to protect their privacy in the face of compelled access to their digital devices (smartphones, laptops, tablets, etc.). For example, authorities increasingly force disclosure of all secrets, including passwords, to search devices upon national border crossings. We therefore present the design, implementation, and evaluation of a new system to help victims of compelled searches. Our system, called BurnBox, provides self-revocable encryption: the user can temporarily disable their access to specific files stored remotely, without revealing which files were revoked during compelled searches, even if the adversary also compromises the cloud storage service. They can later restore access. We formalize the threat model and provide a construction that uses an erasable index, secure erasure of keys, and standard cryptographic tools in order to provide security supported by our formal analysis. We report on a prototype implementation, which showcases the practicality of BurnBox.

Category / Keywords: applications / cloud storage, secure deletion, compelled access

Original Publication (with major differences): USENIX Security '18

Date: received 27 Jun 2018, last revised 16 Jan 2019

Contact author: nirvan tyagi at gmail com

Available format(s): PDF | BibTeX Citation

Note: Fix small typo in appendix.

Version: 20190116:194659 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]