Practical Active Revocation

Contiu, Stefan;Réveillère, Laurent;Riviere, Etienne
(2020) ACM/IFIP Middleware conference. Location: Delft, the Netherlands (7 December 2020)

Details

Authors
  • Contiu, Stefan (Scille)
  • Réveillère, Laurent (University of Bordeaux)
  • Riviere, Etienne
Abstract
We propose Knob, a practical active revocation scheme that efficiently revokes users’ access to encrypted data banks stored in public clouds. Knob leverages Trusted Execution Environments and All-or-Nothing Data Transforms in order to re-encrypt only small portions of the content directly in the cloud, using a scalable swarm of re-encryption workers. It prevents malicious users from being able to predict which portions of the files will be re-encrypted upon a revocation, effectively disabling pre-provisioning attacks. Our evaluation using industry workloads shows that Knob outperforms active revocation using full re-encryption by up to 3 orders of magnitude while being on average 3 to 7 times faster than state-of-the-art partial re-encryption.
Citations

Contiu, S., Réveillère, L., & Riviere, E. (2020). Practical Active Revocation. Proceedings of the 21st Annual Middleware Conference. Published. ACM/IFIP Middleware conference, Delft, the Netherlands. https://doi.org/10.1145/3423211.3425667