The secure storage systems adopting the encrypt-on-disk scheme, in which files are stored in cipher for efficient data transmission, need to re-encrypt files with new cryptographic keys when a revocation occurs. There are two re-encryption methods, namely active revocation in which the re-encryption is immediately performed and lazy revocation in which the re-encryption is delayed until the file is updated. There is the trade-off between performance and security because active revocation has the expense of immediate re-encryption, while lazy revocation is vulnerable during its re-encryption delay. We consider the environment in which re-encrypted file is pre-computed by using backup data in a parallel storage system effective for this issue. However, the performance of update is decreased on account of the difference of keys used in primary and backup. In this paper, we evaluate a method in which the differential data re-encrypted for backup are not written to the file but be kept on the memory in different key environment, and evaluate the different key environment in parallel storage by experiment.
展开▼
