Key Update Mechanism Using All-or-Nothing Transform for Network Storage of Encrypted Data


IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E98-A   No.1   pp.162-170
Publication Date: 2015/01/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E98.A.162
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
Category: Foundation
Keywords: re-encryption, all-or-nothing transform, cryptographic key management


Cryptography is now widely used for many purposes, such as data confidentiality and integrity. A cryptographic key has a limited lifetime. For example, the National Institute of Standards and Technology published SP800-57 to provide cryptographic key management guidance, and it strictly limits the lifetime of the cryptographic key and the lifetime of encrypted data. This means that the data encryption key must be updated periodically and the associated encrypted data must be re-encrypted with the new key each time. The cost, especially network traffic, is crucial if the encrypted data is located away from the key. In this paper we discuss what should be achieved by key updating and propose a key update mechanism that reduces the communication and computation cost of re-encryption.