“…The approach of key evolution [2] assumes that the timeline is divided into different periods, and a different secret key is used from one period to the next. This somewhat recent approach has already led to many useful notions, including those of forward-secure [3,24,1,20,26,8], keyinsulated [11,12,4] and intrusion-resilient [21,13] cryptosystems. While very powerful, the disadvantage of this approach is the need to introduce "global time" and the issue of what to do with documents produced outside of the "current" period.…”