On Consistency of Encrypted Files

  • Conference paper
Distributed Computing (DISC 2006)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 4167)

Abstract

In this paper we address the problem of consistency for cryptographic file systems. A cryptographic file system protects the users’ data from the file server, which is possibly untrusted and might exhibit Byzantine behavior, by encrypting the data before sending it to the server. The consistency of the encrypted file objects that implement a cryptographic file system relies on the consistency of the two components used to implement them: the file storage protocol and the key distribution protocol.

We first define two generic classes of consistency conditions that extend and generalize existing consistency conditions. We then formally define consistency for encrypted file objects in a generic way: for any consistency conditions for the key and file objects belonging to one of the two classes of consistency conditions considered, we define a corresponding consistency condition for encrypted file objects. We finally provide, in our main result, necessary and sufficient conditions for the consistency of the key distribution and file storage protocols under which the encrypted storage is consistent. Our framework allows the composition of existing key distribution and file storage protocols to build consistent encrypted file objects and simplifies complex proofs for showing the consistency of encrypted storage.

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Oprea, A., Reiter, M.K. (2006). On Consistency of Encrypted Files. In: Dolev, S. (eds) Distributed Computing. DISC 2006. Lecture Notes in Computer Science, vol 4167. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11864219_18

  • DOI: https://doi.org/10.1007/11864219_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-44624-8

  • Online ISBN: 978-3-540-44627-9

  • eBook Packages: Computer Science, Computer Science (R0)