A QKD-based digital archiving solution providing everlasting confidentiality and integrity.

With increasing digitization, the amount of archived data that requires long-term protection of confidentiality and integrity increases rapidly. Examples include electronic health records, genome data bases, and tax data. In this paper we present the first archiving solution that provides everlasting confidentiality and, at the same time, maintains a proof that the data were not changed since they were archived. For confidentiality protection, our solution combines quantum key distribution (QKD) for data in transit and proactive secret sharing for data at rest. Proofs of existence are generated using sequences of timestamped unconditionally hiding commitments. In addition to a security and performance analysis, we present a proof-of-concept implementation and an experimental evaluation. It uses the QKD platform of the National Institute of Information and Communication Technology of Japan.

[1]  Rafail Ostrovsky,et al.  How to withstand mobile virus attacks (extended abstract) , 1991, PODC '91.

[2]  Lau Cheuk Lung,et al.  An Infrastructure for Long-Term Archiving of Authenticated and Sensitive Electronic Documents , 2010, EuroPKI.

[3]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[4]  A R Dixon,et al.  Field test of quantum key distribution in the Tokyo QKD Network. , 2011, Optics express.

[5]  Johannes Braun,et al.  Long term confidentiality: a survey , 2014, Des. Codes Cryptogr..

[6]  Carlisle M. Adams,et al.  Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) , 2001, RFC.

[7]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[8]  Nancy A. Lynch,et al.  Modeling Computational Security in Long-Lived Systems , 2007, CONCUR.

[9]  Stuart Haber,et al.  A Content Integrity Service For Long-Term Digital Archives , 2006 .

[10]  Dominic Mayers,et al.  Unconditional security in quantum cryptography , 1998, JACM.

[11]  J. Feigenbaum Advances in cryptology--CRYPTO '91 : proceedings , 1992 .

[12]  Claude E. Shannon,et al.  Communication theory of secrecy systems , 1949, Bell Syst. Tech. J..

[13]  V. Scarani,et al.  The security of practical quantum key distribution , 2008, 0802.4155.

[14]  Tobias Gondrom,et al.  Extensible Markup Language Evidence Record Syntax (XMLERS) , 2011, RFC.

[15]  Hugo Krawczyk,et al.  Proactive Secret Sharing Or: How to Cope With Perpetual Leakage , 1995, CRYPTO.

[16]  Johannes A. Buchmann,et al.  Integrity, authenticity, non-repudiation, and proof of existence for long-term archiving: A survey , 2015, Comput. Secur..

[17]  Ralf Brandner,et al.  Evidence Record Syntax (ERS) , 2007, RFC.

[18]  Yvo Desmedt Advances in cryptology--CRYPTO '94 : 14th Annual International Cryptology Conference, Santa Barbara, California, USA, August 21-25, 1994 : proceedings , 1994 .

[19]  Jeannette M. Wing,et al.  Verifiable secret redistribution for archive systems , 2002, First International IEEE Security in Storage Workshop, 2002. Proceedings..

[20]  Sushil Jajodia,et al.  Redistributing Secret Shares to New Access Structures and Its Applications , 1997 .

[21]  Ran Canetti,et al.  Maintaining Security in the Presence of Transient Faults , 1994, CRYPTO.

[22]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[23]  K. Gopinath,et al.  G_{its}^2 VSR: An Information Theoretical Secure Verifiable Secret Redistribution Protocol for Long-term Archival Storage , 2007 .

[24]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[25]  Tanja Lange,et al.  Post-quantum cryptography , 2008, Nature.

[26]  Shor,et al.  Simple proof of security of the BB84 quantum key distribution protocol , 2000, Physical review letters.

[27]  K. Gopinath,et al.  An extended verifiable secret redistribution protocol for archival systems , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[28]  M.I. Aziz,et al.  Introduction to Cryptography , 2002, 2005 International Conference on Microelectronics.

[29]  Don Coppersmith Advances in Cryptology - CRYPTO '95, 15th Annual International Cryptology Conference, Santa Barbara, California, USA, August 27-31, 1995, Proceedings , 1995, CRYPTO.

[30]  Eric Rescorla,et al.  The Transport Layer Security (TLS) Protocol Version 1.2 , 2008, RFC.

[31]  Gilles Brassard,et al.  Quantum Cryptography , 2005, Encyclopedia of Cryptography and Security.

[32]  Detlef Hühnlein,et al.  A Comprehensive Reference Architecture for Trustworthy Long-Term Archiving of Sensitive Data , 2009, 2009 3rd International Conference on New Technologies, Mobility and Security.