DOI: 10.1145/3052973.3052997
research-article

Sharing Proofs of Retrievability across Tenants

Published: 02 April 2017

ABSTRACT

Proofs of Retrievability (POR) are cryptographic proofs which provide assurance to a single tenant (who creates tags using his secret material) that his files can be retrieved in their entirety. However, POR schemes completely ignore storage-efficiency concepts, such as multi-tenancy and data deduplication, which are being widely utilized by existing cloud storage providers. Namely, in deduplicated storage systems, existing POR schemes would incur an additional overhead for storing tenants' tags which grows linearly with the number of users deduplicating the same file. This overhead clearly reduces the (economic) incentives of cloud providers to integrate existing POR/PDP solutions in their offerings. In this paper, we propose a novel storage-efficient POR, dubbed SPORT, which transparently supports multi-tenancy and data deduplication. More specifically, SPORT enables tenants to securely share the same POR tags in order to verify the integrity of their deduplicated files. By doing so, SPORT considerably reduces the storage overhead borne by cloud providers when storing the tags of different tenants deduplicating the same content. We show that SPORT resists malicious tenants/cloud providers (and collusion among a subset of the tenants and the cloud). Finally, we implement a prototype based on SPORT, and evaluate its performance in a realistic cloud setting. Our evaluation results show that our proposal incurs tolerable computational overhead on the tenants and the cloud provider.


Published in

ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security
April 2017
952 pages
ISBN: 9781450349444
DOI: 10.1145/3052973

Copyright © 2017 ACM

Publisher: Association for Computing Machinery, New York, NY, United States

Acceptance Rates

ASIA CCS '17 Paper Acceptance Rate: 67 of 359 submissions, 19%. Overall Acceptance Rate: 418 of 2,322 submissions, 18%.
