Making Data "Vanish" Automatically
University of Washington researchers have a created a way to automate encryption key expiration, which means data can become inaccessible over a given period of time.
July 22, 2009
University of Washington researchers have a created a way to automate encryption key expiration, which means data can become inaccessible over a given period of time.
The technology prototype, called Vanish, basically works like this in relation to email content:
For each message that it sends, Vanish creates a secret key, which it never reveals to the user, and then encrypts the message with that key. It then divides the key into dozens of pieces and sprinkles those pieces on random computers that belong to worldwide [P2P] file-sharing networks, the same ones often used to share music or movie files. The file-sharing system constantly changes as computers join or leave the network, meaning that over time parts of the key become permanently inaccessible. Once enough key parts are lost, the original message can no longer be deciphered.
So while the prototype is designed to encrypt email text, it can (and probably will) be modified to support encrypted of binary data as well, such as images, audio, documents, etc.
More about Vanish is available at the UW Web site, and the developers intend to release a plugin for Firefox soon. The core code is already available for installation and requires Java 5.x and Firefox 3.x.
About the Author
You May Also Like