Kevin Fu


Associate Professor, Sloan Research Fellow
Computer Science and Engineering
Electrical Engineering and Computer Science
University of Michigan

ContactPGP KeyBioCV


I Lazy revocation

Lazy revocation is a concept I invented to make revocation efficient in my masters thesis on cryptographic storage. There's a long story behind the name and lack of documentation. The definitive citation is my masters thesis; however, I originally called the notion delayed re-encryption. I floated between three terms all meaning the same thing: delayed re-encryption, lazy re-encryption, and lazy revocation. Originally inspired by the notion of delayed writes in file systems while TA'ing an operating systems course, I originally chose the term delayed revocation. After giving talks at Bellcore, MIT, and several other places, I determined that the name wasn't particularly memorable. In my thesis, you'll see a discussion of "delayed re-encryption" as lazy behavior. The operational notion (re-encyption) was less memorable than the semantic notion (revocation). Thus, I switched to the informal but memorable term of lazy revocation. Unfortunately, it's difficult to publish two-page papers these days. Until I find a journal that accepts a two page paper on a simple but powerful notion, it's likely that lazy recovation will remain an unwritten concept passed on by oral tradition. I apologize for introducing so many synonyms (a practice I actively preach against), but that's how it is.

Papers and systems that use lazy revocation include:

If you have found the ideas of lazy revocation useful in your system, please send me your URL.