Cryptographic Enforcement of Language-Based Information Erasure

Aslan Askarov, Scott Moore, Christos Dimoulas, Stephen Chong

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

Information erasure is a formal security requirement that stipulates when sensitive data must be removed from computer systems. In a system that correctly enforces erasure requirements, an attacker who observes the system after sensitive data is required to have been erased cannot deduce anything about the data. Practical obstacles to enforcing information erasure include: (1) correctly determining which data requires erasure, and (2) reliably deleting potentially large volumes of data, despite untrustworthy storage services. In this paper, we present a novel formalization of language-based information erasure that supports cryptographic enforcement of erasure requirements: sensitive data is encrypted before storage, and upon erasure, only a relatively small set of decryption keys needs to be deleted. This cryptographic technique has been used by a number of systems that implement data deletion to allow the use of untrustworthy storage services. However, these systems provide no support to correctly determine which data requires erasure, nor have the formal semantic properties of these systems been explained or proven to hold. We address these shortcomings. Specifically, we study a programming language extended with primitives for public-key cryptography, and demonstrate how information-flow control mechanisms can automatically track data that requires erasure and provably enforce erasure requirements even when programs employ cryptographic techniques for erasure.

Original languageEnglish (US)
Title of host publicationProceedings - 2015 IEEE 28th Computer Security Foundations Symposium, CSF 2015
EditorsPatrick Kellenberger
PublisherIEEE Computer Society
Pages334-348
Number of pages15
ISBN (Electronic)9781467375382
DOIs
StatePublished - Sep 4 2015
Event28th IEEE Computer Security Foundations Symposium, CSF 2015 - Verona, Italy
Duration: Jul 13 2015Jul 17 2015

Publication series

NameProceedings of the Computer Security Foundations Workshop
Volume2015-September
ISSN (Print)1063-6900

Other

Other28th IEEE Computer Security Foundations Symposium, CSF 2015
CountryItaly
CityVerona
Period7/13/157/17/15

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'Cryptographic Enforcement of Language-Based Information Erasure'. Together they form a unique fingerprint.

  • Cite this

    Askarov, A., Moore, S., Dimoulas, C., & Chong, S. (2015). Cryptographic Enforcement of Language-Based Information Erasure. In P. Kellenberger (Ed.), Proceedings - 2015 IEEE 28th Computer Security Foundations Symposium, CSF 2015 (pp. 334-348). [7243743] (Proceedings of the Computer Security Foundations Workshop; Vol. 2015-September). IEEE Computer Society. https://doi.org/10.1109/CSF.2015.30