A revocable backup system

Authors: D. Boneh and R. Lipton

We present a system that enables a user to remove a file from both the file system and all the backup tapes on which the file is stored. The ability to remove files from all backup tapes is desirable in many cases. Our system erases information from the backup tape without actually writing on the tape. This is achieved by applying cryptography in a new way: a block cipher is used to enable the system to ``forget'' information rather than protect it. Our system is easy to install and is transparent to the end user. Further, it introduces no slowdown in system performance and little slowdown in the backup procedure.

In Proceedings 6th USENIX Security Conference, pp. 91--96, 1996

Full paper: gzipped-PostScript, PDF         [first posted 11/1997 ]