TooLate: Cryptographic Data Access Control for Offline Devices through Efficient Key Rotation

Abstract

The design of an access control technique for devices not connected to the Internet can present some very difficult challenges. Among others, how to properly handle user revocation stands out. In this paper, we present TooLate, a cryptosystem that allows an authority to grant access to a user over a set of encrypted files stored on an offline device. The authority has no connection with the device but is able to centrally manage access control to the remote datastore, providing users with decryption keys whose validity is limited in time and only to specific resources. The system uses a lightweight cryptographic technique suitable for non-tamper-proof, low-power devices. An active security module periodically re-encrypts the entire datastore using keys dynamically generated from a hash chain. Key rotation ensures that, even by tampering with the device, attackers cannot gain access to the data without a valid key, as the re-encryption occurs and they arrive too late.

Cite

Bracciale, L., Loreti, P., Raso, E., & Bianchi, G. (2021). TooLate: Cryptographic Data Access Control for Offline Devices through Efficient Key Rotation. In CPSIoTSec 2021 - Proceedings of the 2nd Workshop on CPS and IoT Security and Privacy, co-located with CCS 2021 (pp. 57–62). Association for Computing Machinery, Inc. https://doi.org/10.1145/3462633.3483982
