How to guarantee files encrypted and
transmitted today stay confidential for
years to come.
By Chi-Sung Laih, Shang-Ming Jen, and Chia-Yu Lu
The ubiquitous cryptographic Public Key Infrastructure
(PKI) faces a multitude of privacy-protection risks.
A notable issue is long-term security, which can be
deconstructed into long-term authenticity and long-term confidentiality. Authenticity has been widely
discussed over the past decade, while confidentiality
has generally been neglected. As the
factorization of RSA advances, there
is increased urgency to refresh the
confidentiality of existing instances of
PKI with longer-duration validity. Unfortunately, cryptographers have not
come up with a realistic solution to
the question of how to guarantee long-term confidentiality, the most challenging unaddressed open problem
from previous works. In this article,
we formalize the problem by defining
the concept of a Privacy-Free Window
(PFW) where the previously protected
file is now at risk. By taking advantage
of a PKI property called “asymmetric
secrecy,” we give a specific solution addressing PFW. This method can be further developed to extend the originally
defined security duration of some PKIs
and other cryptographic tools. We also
furnish an algorithm to verify existing
protocols and recommend actions for
maintaining security as a PFW occurs.

• Upgrading all PKI instances is systemically and logistically costly since PKI structures and scope are so variable.
• We define PFW and quantify long-term confidentiality to highlight the insecure period encountered by encrypted files.
• The asymmetric secrecy property is a practical, software-based low-cost solution requiring negligible changes to existing system hardware.

PKI applications are everywhere
in modern information technology,
including e-commerce, Secure Sockets Layer/Transport Layer Security,
and citizen-to-government and government-to-government applications
(such as those involving tax reporting,
medical insurance, and passports).
However, maintaining PKI security is
increasingly complicated since cryptographic attacks are more sophisticated than ever.