Mobile Data Security Management: Design Principles and Implementation


Bibliographic Details
Main Authors: Tsai-Yeh Tung, 董才業
Other Authors: D.T. Lee
Format: Others
Language: en_US
Published: 2014
Online Access: http://ndltd.ncl.edu.tw/handle/75114981499488661579
Description
Summary: Doctoral dissertation === National Taiwan University === Graduate Institute of Computer Science and Information Engineering === 102 === In this dissertation, we define and investigate the novel data presence problem as data aggregation, data spreading, and data long-term existence problems. To address the data presence problem, we propose three salient features, user-controllability, client-side encryption, and ephemerality, as design principles. To realize these three design principles, we propose the Synchronous and Asynchronous Pandora Messaging protocols for designing and building a mobile data security management system. Asynchronous Pandora Messaging is a forward-secure asynchronous messaging protocol integrated with a per-message rekeying mechanism. The ephemeral decryption key of a message is securely deleted when the expiration condition of the message is satisfied. As a result, it is in principle impossible to decrypt the encrypted message efficiently without possessing the ephemeral decryption key. In other words, the message is regarded as self-destructible. Making a message self-destructible is particularly important for those who want to protect sensitive data in case of data compromise. By setting up expiration constraints for the ephemeral decryption key or a decryption policy for secret message transmission, we make messages inaccessible to anyone when the constraint is satisfied, or make messages unreadable even when intercepted by a third party who has no means to fulfill the decryption policy. In doing so, we provide a second layer of protection for sensitive data during message transmission. We have implemented two messaging application prototypes on Android and have evaluated their performance to prove that our Pandora Messaging protocols are practical and feasible.